Global cryptocurrency exchange CoinEX announced that someone hacked its hot wallets and stole large amounts of digital assets that were used to support the platform's operations.
The incident occurred on September 12 and preliminary results of the investigation show that the unauthorized transactions involved Ethereum ($ETH), Tron ($TRON), and Polygon ($MATIC) cryptocurrency.
CoinEx has not provided any info about the financial impact incurred, as the investigation has yet to determine the complete losses.
However, a report from blockchain security firm PeckShield says that the attack drained CoinEx of about $19 million in $ETH, $11 million in $TRON, $6.4 million in Smart Chain Coin ($BSC), $6 million in Bitcoin (BTC), and approximately $295,000 in (MATIC).
According to PeckShield, the loss from this attack amounts to about $43 million, while the remaining $72 million kept on the same stash has been transferred to better-protected cold wallets.
A more recent estimation on the CoinEx losses coming from CertiK Alert raises the figure to $53 million, analyzed as seen in this document.
User assets have not been impacted by the incident, CoinEx said, and assuring that any parties suffering loss will receive full compensation.
At the time of writing, all deposit and withdrawal services on CoinEx have been suspended to protect user assets and will only resume after the exchange's IT team makes sure that all risk has been eliminated.
There aren't many public details about what happened but CoinEx promised to release a comprehensive report with a detailed timeline as soon as the investigations and the incident response procedures are concluded.
Currently, the company is tracking the wallet addresses linked to the hack and collaborates with other exchanges to make it harder for the attackers to move the stolen funds or to cash out.
Another Lazarus heist?
The frequency of multi-million-dollar crypto heists has increased, with the North Korean state-backed group 'Lazarus' being blamed for many of the recent high-profile incidents.
In the case of CoinEx, no official attribution has been made but blockchain investigator ZachXBT says that one of the wallet addresses involved in the hack was previously associated with Lazarus.
The threat group was linked to the theft of $35 million from Atomic Wallet in June, $60 million from Alphapo in July, and another $37.3 million from CoinsPaid, also in July.
At that time, the FBI also warned of the North Korean hacking group readying to cash $41 million worth of stolen cryptocurrency, as the law enforcement agency observed signals pointing to money laundering and activity in preparation of moving funds.
At the start of this month, the crypto casino platform 'Stake.com' announced that its ETH/BSC hot wallets had been compromised, leading to the loss of $41 million worth of crypto.
Two days after the attack, the FBI identified the Lazarus group as the cyber actors responsible for stealing the $41 million from Stake.com, confirming the suspicions.
Comments
GT500 - 8 months ago
Let us also not forget that there have been a number of CEO's in the cryptocurrency market who have taken the money and run. I think I vaguely remember an instance where a cryptocurrency exchange claimed to have been "hacked" when funds suddenly disappeared, however the CEO was investigated by authorities for stealing the funds himself (it was a while ago so I could be remembering incorrectly).
ThomasMann - 8 months ago
So, other than the fact that you might remember facts incorrectly, basically you are telling us that the world of crypto is like the real world ?
Of course you have to research the cryptocurrency exchange that you want to use, exactly the way you would choose any bank you use.
But unlike the bank, your crypto cannot be dimished by infaltion that is caused by the greed and power the corporations, and the corrupt incompetence of the politicians.
GT500 - 8 months ago
I'm not sure that researching crypto exchanges is enough. It seems like most crypto exchanges that have issues like this seem perfectly fine, until one day their money is suddenly gone and there's nothing anyone can do about it. The only safe way seems to be to avoid keeping your crypto in wallets controlled by exchanges, but as for what the best alternative that is I can't say for certain as just about anything can be lost or stolen.
horsedoggs - 8 months ago
Crypto has made 10% of people very wealthy and the remaining 90% very poor. It’s was the perfect Ponzi scheme the 10% sold they fake money for real money and cashed out in an hurry a the peak. Anyone that thinks they will get ritch via crypto is a fool. It’s on ropes and ready for the knock out! Good Riddens!
No1gr8 - 8 months ago
Pretty much. Criminal activity like ransomware would be nothing like it is today without cryptocurrency.
GT500 - 7 months ago
Before crypto they used Green Dot Money Packs. Some criminals still do. Believe it or not, there are ways for criminals to extort people for real money without it being easily traceable. Crypto is actually more difficult for the victims, because most don't understand where or how to buy it, or how to transfer it.
DarinCoki478 - 2 months ago
Let us also not forget that there have been a number of CEO's in the cryptocurrency market who have taken the money and run.