- Cryptocurrency exchange CoinEx suffered a major security breach with a loss of $55 million and suspected involvement of the notorious North Korean Lazarus Group.
- CoinEx responded swiftly, halting withdrawals and deposits to mitigate further damage, and pledging full compensation for affected users.
- The breach underscores a troubling trend in the crypto industry plagued by a rising number of security incidents, highlighting an urgent need for reinforced security infrastructure.
Cryptocurrency exchange CoinEx faced a debilitating security breach that involved the theft of cryptocurrencies amounting to at least $55 million. On September 12, 2023, CoinEx’s risk control system spotted irregular withdrawals from several hot wallet addresses. This anomaly was to soon unveil a security breach of considerable magnitude. Initially, the losses were speculated to be around $27 million, spread across assets including Ethereum (ETH), Tron (TRON), and Polygon (MATIC). However, a careful analysis indicated that the breach was far deeper, affecting various other cryptocurrencies and escalating the total potential loss to $55 million.
CoinEx has emphasized that this loss constitutes a small fraction of their total assets, assuring users of complete compensation for the losses sustained due to the breach. The company has boasted for years of being an exchange devoid of any security breaches.
The Lazarus Group Connection
As CoinEx initiated the investigation process, cryptocurrency enthusiasts and sleuths couldn’t help but notice striking similarities with another recent hack targeting Stake.com, a betting platform. The link goes as deep as involving the notorious North Korean Lazarus Group, a name that has been linked with several other high-profile hacks over the recent past, including attacks on payment processors and betting platforms, with the cumulative loss amounting to hundreds of millions of dollars.
Blockchain investigators like ZachXBT and firms such as SlowMist have been at the forefront in identifying a potential link, leveraging on-chain data to point out similarities in wallet addresses used in this and other recent hacks orchestrated by the Lazarus Group. With the stolen assets involving substantial amounts of Bitcoin, Ether, and XRP, the hacker group’s signature style and the trail of wallet addresses bring a shadow of certainty in identifying the culprits behind this operation.
CoinEx’s Pledge To Affected Users
CoinEx has been swift in responding to the crisis, promptly disabling withdrawals and deposits to curb any further exploitation. While guaranteeing the safety of unaffected assets, the exchange has vowed to ensure 100% compensation to the affected parties, a move that echoes its commitment to securing its user’s assets.
Despite the turmoil, CoinEx has faced the crisis head-on, promising transparency and regular updates to its user base. The crypto-community is eagerly awaiting a detailed timeline and comprehensive report that is to be shared in the upcoming days, shedding light on the event’s detailed landscape.
While the immediate focus remains on the CoinEx hack, it brings forth a grave reality the crypto industry grapples with — the rising incidence of security breaches. Even as security infrastructure sees sophisticated advancements, the industry remains plagued with hacks and scams, with the cumulative loss nearing a billion dollars as of August 2023. The constant tug of war between security systems and exploiters poses a continual challenge, putting to test the resilience and robustness of platforms in safeguarding users’ assets.
