IoTeX has announced a 10% bounty for the return of approximately $4.4 million stolen from its cross-chain bridge, ioTube, during a recent security breach. The offer, made by co-founder and CEO Raullen Chai, aims to incentivize the hacker or hackers to return the funds within 48 hours without facing legal repercussions.
The breach, which occurred on February 21, 2026, involved the exploitation of a compromised validator owner private key, granting unauthorized access to ioTube’s bridge contracts. In a public message, Chai indicated that the company has traced all fund movements across the Ethereum, IoTeX, and Bitcoin networks, and flagged exchange deposits have been frozen.
Chai emphasized that the incident was confined to the Ethereum-side infrastructure of the bridge and did not affect the underlying Layer 1 blockchain. He stated, “This is regarding the ioTube bridge exploit on Feb. 21, 2026.” The company is also implementing an upgrade to its Mainnet, version 2.3.4, which will include a blacklist of known malicious externally owned account (EOA) addresses.
Following the exploit, the value of the IOTX token dropped significantly, falling approximately 22% from $0.0054 to below $0.0042 before experiencing a partial recovery. Cross-chain bridges have been frequent targets for cyberattacks, with industry reports indicating that over $3.2 billion has been lost to similar exploits in recent years.
Experts have noted that the breach highlights operational security failures rather than vulnerabilities in the smart contract itself. Nick Motz, CEO of ORQO Group, stated, “The breach came down to a compromised validator owner private key on the Ethereum side, which is fundamentally an operational security failure.” He further explained that while IoTeX’s Layer 1 network remains secure, the responsibility for user funds lies with the bridge infrastructure.
Security analysis firm PeckShield estimated that over $8 million in assets were affected by the exploit, with the attacker reportedly converting stolen funds into Ethereum and attempting to bridge them to Bitcoin via THORChain. Another investigator, Specter, confirmed that the private key associated with IoTeX may have been compromised, leading to an estimated loss of $4.3 million.
IoTeX has identified four Bitcoin addresses linked to the stolen assets, currently holding approximately 66.78 BTC, valued at around $4.3 million. These addresses are being monitored in collaboration with cryptocurrency exchanges. However, experts caution that the recovery of the stolen assets remains uncertain, as the hacker has begun moving the funds through complex networks, complicating retrieval efforts.
In light of the incident, IoTeX is also developing a compensation plan for affected users, which is expected to be announced within the next 48 hours. The company’s proactive approach, including the bounty offer, underscores the ongoing challenges within the cryptocurrency sector regarding security and asset recovery.
IoTeX has offered a 10% bounty for the return of $4.4 million stolen during a bridge exploit. The incident highlights operational security vulnerabilities in cross-chain bridges, a frequent target for cyberattacks.