Blockchain project IoTeX has disclosed that its multi-chain bridge, ioTube, suffered an exploit on its Ethereum side on February 21. Through a four-step attack sequence, the attacker stole 410 million CIOTX tokens along with approximately $4.4 million in assets, once again drawing market attention to cross-chain bridge security.
According to the official statement, more than 86% of the stolen CIOTX has now been locked or frozen. Approximately 12.8% (around 52.4 million tokens) is undergoing partial freezing in coordination with partners including Binance. Only 0.4% (approximately 1.7 million CIOTX) remains at risk after being swapped on decentralized exchanges.
In addition, the attacker converted tokens from the bridge’s reserve pool into approximately 2,183 ETH, of which 1,572 ETH were bridged to the Bitcoin network via THORChain. This cross-network transfer path has significantly increased the complexity of asset recovery and highlights the security challenges inherent in multi-chain interaction environments.
The IoTeX team stated that vulnerabilities were patched immediately after the incident, related addresses were frozen, and cooperation was initiated with centralized exchanges to intercept suspicious fund flows. The ioTube bridge service will resume after completing an independent security audit. A compensation plan and additional security upgrades will also be introduced, with a detailed reimbursement proposal to be released within 48 hours alongside a community AMA session.
In recent years, cross-chain bridges—due to their asset-locking mechanisms and multi-chain validation architectures—have become prime targets for attackers. Beyond patching technical vulnerabilities, real-time on-chain monitoring and fund flow tracing capabilities are equally critical.
By leveraging professional on-chain risk identification systems such as Trustformer KYT, platforms can issue real-time alerts for abnormal large transfers, cross-chain asset movements, and interactions with high-risk addresses. Early detection significantly shortens response times and reduces potential losses.
As multi-chain ecosystems become increasingly interconnected, cross-chain security extends beyond single-chain smart contract integrity. It encompasses key management, operational processes, and comprehensive on-chain monitoring frameworks. Deploying solutions like Trustformer KYT enables institutions to identify potential threats more effectively and enhance overall compliance and risk control standards.
The ioTube incident once again underscores a vital industry lesson: cross-chain innovation must advance in parallel with security reinforcement. Only through continuous monitoring and rapid response mechanisms can platforms safeguard user assets and maintain ecosystem trust within complex multi-chain environments.