HOYA BIT exchange hot wallet attacked! Official statement: User funds are not affected

On January 22, 2026, the Taiwan digital asset exchange HOYA BIT was monitored for abnormal on-chain data. An address related to the platform's hot wallet experienced large-scale and high-frequency fund transfers in a short period, resulting in a cliff-like drop in wallet balance, drawing significant attention from the cryptocurrency community. In response, HOYA BIT took preventive maintenance measures immediately and issued a statement early this morning clarifying that the affected scope is limited to the platform's own assets, and system security operations have been completed.
On-chain data exposure of $600,000 outflow, high-frequency transfers attract attention
According to on-chain data analysis tool Arkham cited by Coin View, monitoring shows that since January 22, a group of addresses starting with 0xBA5, highly related to exchange wallets, saw asset balances plummet from about 1 million USD to 1,000 USD, and have now rebounded to 200,000 USD.
Records show that this address has conducted as many as 147 outflow transactions in a short period, with a total of nearly 600,000 USD being transferred to an unknown address starting with 0x355.
From the transaction frequency and token quantity, it is evident that this batch of funds displays obvious automated features, flowing out in integers, in bulk, and at high frequency, quickly being split into multiple wallets, ultimately flowing to decentralized protocols like ChangeNOW that have fast exchange functions.
This operational model is significantly different from the dispersed and irregular withdrawal behaviors of general users, indicating that the control permissions of the hot wallet at that time may have been in an abnormal state.
HOYA BIT responded: It only involves the platform's own assets, and user asset security is guaranteed.
Regarding this abnormal cash flow, HOYA BIT's official Facebook announced on the morning of the 22nd at 11:00 AM the implementation of temporary system maintenance, and today (23rd) at 3:00 AM, they released the official service recovery notice.
According to the official statement, during routine operations on the 22nd, abnormal withdrawal activities were discovered in some wallet assets. To ensure overall system security, the platform has decided to take the most rigorous approach by suspending all platform services for technical inspection, including comprehensive reinforcement of API Key, signature permissions, and backend management permissions.
HOYA BIT has always adopted a strict structure of separating cold and hot wallets. This attack only involved the platform's own assets in the hot wallet, and user funds are safely stored in vaults and offline cold wallets, remaining unaffected.
The official emphasized that this incident will not affect the user assets and personal information held by the company. The platform has now completed all necessary security reinforcement operations, and all services are back to normal. At the same time, they have initiated third-party professional investigations and on-chain tracking operations, maintaining close communication and cooperation with relevant partners and law enforcement.
This article reports that the hot wallet of HOYA BIT exchange was attacked! Official statement: User funds are unaffected. First appeared on Chain News ABMedia.