North Korea’s Lazarus Group was likely behind a hack of crypto exchange CoinEx that emptied several hot wallets holding more than $55 million in cryptocurrencies.
The notorious group, known for targeting crypto businesses, is also believed to have conducted other recent hacks on betting site Stake and payment processor Alphapo.
Blockchain sleuths Slowmist and ZachXBT say some of the hacked CoinEx funds were sent to wallets connected to Stake’s $41 million hack earlier this month. Some of the addresses used were also connected to the attack on Alphapo in July that resulted in $60 million of losses.
It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon.
— ZachXBT (@zachxbt) September 13, 2023
🚨SlowMist Security Alert🚨
— SlowMist (@SlowMist_Team) September 13, 2023
Cybersecurity firms including PeckShield and Cyvers Alert were the first to spot a suspicious outflow of funds from the exchange’s wallets.
CoinEx Detected “Anomalous Withdrawals”
CoinEx suspended withdrawals to facilitate a thorough review and investigation. It subsequently tweeted that it had “detected anomalous withdrawals from several hot wallet addresses used to store CoinEx’s exchange assets.”
The fact that all of the stolen money was sent to a wallet with no prior transaction history instantly sparked suspicions for the security companies, which led them to believe that CoinEx had been hacked.
According to Etherscan data, four CoinEx hot wallets initiated a series of sizable transfers of different cryptocurrencies to a single address. The first transaction in the sequence moved about 4,947 Ether, or about $7.9 million at the time.
Uniswap was then used to convert a number of other tokens from the exchange wallet into Ethereum. A notable movement of tokens from the hot wallet to the same address followed, involving 408,741 DAI, 2.7 million Graph (GRT) tokens, 29,158 Uniswap (UNI) tokens, and numerous other tokens.
According to data by Cyvers Alert, additional transactions including the transfer of over $8.5 million in cryptocurrency assets to a Tron address and $291,000 in assets to a Polygon address were also noted. This initial sequence of transactions amounted to $27.4 million in losses.
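The signal that raised suspicion here, several hot wallets sending large sums to one address with no prior transaction history, can be written as a monitoring rule. The following is an added example, not code from CoinEx or the security firms named; the wallet labels, timestamps, thresholds and most dollar values are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: labels, times and most USD values are placeholders,
# not the real CoinEx transactions.
HOT_WALLETS = {"hot_A", "hot_B", "hot_C", "hot_D"}
KNOWN_ADDRESSES = {"cold_1", "user_77"}  # destinations with prior history

TRANSFERS = [
    # (timestamp, source, destination, asset, usd_value)
    ("2023-09-12T13:21:00", "hot_A", "user_77", "ETH", 1_200),
    ("2023-09-12T13:40:00", "hot_A", "fresh_X", "ETH", 7_900_000),
    ("2023-09-12T13:44:00", "hot_B", "fresh_X", "DAI", 408_000),
    ("2023-09-12T13:47:00", "hot_C", "fresh_X", "GRT", 250_000),
    ("2023-09-12T13:52:00", "hot_D", "cold_1", "BTC", 3_000_000),
    ("2023-09-12T13:58:00", "hot_D", "fresh_X", "UNI", 130_000),
]

def flag_fresh_sinks(transfers, hot_wallets, known, window=timedelta(hours=1),
                     min_sources=2, min_usd=1_000_000):
    """Alert on never-seen destinations fed by several hot wallets in a window."""
    by_dest = defaultdict(list)
    for ts, src, dst, _asset, usd in transfers:
        # Only hot-wallet outflows to addresses with no prior history matter.
        if src in hot_wallets and dst not in known and dst not in hot_wallets:
            by_dest[dst].append((datetime.fromisoformat(ts), src, usd))
    alerts = []
    for dst, rows in by_dest.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward so the span never exceeds `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = rows[start:end + 1]
            sources = {src for _, src, _ in span}
            total = sum(usd for _, _, usd in span)
            if len(sources) >= min_sources and total >= min_usd:
                alerts.append({"destination": dst, "sources": sorted(sources),
                               "usd_total": total,
                               "alerted_at": rows[end][0].isoformat()})
                break  # one alert per destination, at the earliest trigger
    return alerts
```

With these sample records the rule fires on the second hot wallet's transfer to the fresh address, while the large transfer to the known cold wallet is ignored.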
Upon further investigation, the crypto exchange discovered several other wallets that had been drained of assets in the form of various crypto tokens including Bitcoin, Arbitrum, Solana, XRP, and several others. As such, the total loss has quickly increased to around $55 million worth of crypto.
However, in its post on X, CoinEx said that the actual amount of the loss was still being determined, adding that it was “just a very small portion of CoinEx’s total asset[s].”
Urgent Notice: Security Incident on CoinEx – Immediate Actions Underway
On September 12, 2023, our Risk Control System detected anomalous withdrawals from several hot wallet addresses used to store CoinEx’s exchange assets. Promptly recognizing the gravity of the situation, we…
— CoinEx Global (@coinexcom) September 12, 2023
The exchange also went on to assure its customers that their funds were safe and that they would be made whole in the event of any losses.
“We assure all users: your assets are secure and untouched. Affected parties will receive 100% compensation for any loss due to this breach,” CoinEx said, adding, “You have our solemn promise that a detailed timeline and comprehensive report about this incident will be shared with the community as swiftly as possible.”
New Ties Emanate
Continued investigations have revealed that the exploit is reportedly a result of a private key compromise, a vulnerability that has so far led to the loss of over $377 million across the industry.
CoinEx Boasted Last Month That It Had No Security Breaches
Established in 2017, crypto exchange CoinEx made its name by centering around Bitcoin Cash (BCH) after the first hard fork of Bitcoin. In a blog post last month, the crypto exchange boasted that it “has never suffered any security breach thanks to its world-class security infrastructure”.
Unfortunately, given the nature of the blockchain and cryptocurrency sector, exploits have become increasingly common with new ways being devised even as security levels increase across platforms.
According to a report by CertiK, the crypto industry lost close to $1 billion to hacks and scams by the end of August, and the value is expected to continue increasing, possibly surpassing last year’s loss of $3.2 billion.