Hackers steal $53 million worth of cryptocurrency from CoinEx


Global cryptocurrency exchange CoinEX announced that someone hacked its hot wallets and stole large amounts of digital assets that were used to support the platform’s operations.

The incident occurred on September 12 and preliminary results of the investigation show that the unauthorized transactions involved Ethereum ($ETH), Tron ($TRON), and Polygon ($MATIC) cryptocurrency.

tweet

CoinEx has not provided any info about the financial impact incurred, as the investigation has yet to determine the complete losses.

However, a report from blockchain security firm PeckShield says that the attack drained CoinEx of about $19 million in $ETH, $11 million in $TRON, $6.4 million in Smart Chain Coin ($BSC), $6 million in Bitcoin  (BTC), and approximately $295,000 in (MATIC).

According to PeckShield, the loss from this attack amounts to about $43 million, while the remaining $72 million kept on the same stash has been transferred to better-protected cold wallets.

Tracked CoinEx losses
Tracked CoinEx losses (PeckShield)

A more recent estimation on the CoinEx losses coming from CertiK Alert raises the figure to $53 million, analyzed as seen in this document.

User assets have not been impacted by the incident, CoinEx said, and assuring that any parties suffering loss will receive full compensation.

At the time of writing, all deposit and withdrawal services on CoinEx have been suspended to protect user assets and will only resume after the exchange’s IT team makes sure that all risk has been eliminated.

There aren’t many public details about what happened but CoinEx promised to release a comprehensive report with a detailed timeline as soon as the investigations and the incident response procedures are concluded.

Currently, the company is tracking the wallet addresses linked to the hack and collaborates with other exchanges to make it harder for the attackers to move the stolen funds or to cash out.

Another Lazarus heist?

The frequency of multi-million-dollar crypto heists has increased, with the North Korean state-backed group ‘Lazarus’ being blamed for many of the recent high-profile incidents.

In the case of CoinEx, no official attribution has been made but blockchain investigator ZachXBT says that one of the wallet addresses involved in the hack was previously associated with Lazarus.

Zack

The threat group was linked to the theft of $35 million from Atomic Wallet in June, $60 million from Alphapo in July, and another $37.3 million from CoinsPaid, also in July.

At that time, the FBI also warned of the North Korean hacking group readying to cash $41 million worth of stolen cryptocurrency, as the law enforcement agency observed signals pointing to money laundering and activity in preparation of moving funds.

At the start of this month, the crypto casino platform ‘Stake.com’ announced that its ETH/BSC hot wallets had been compromised, leading to the loss of $41 million worth of crypto.

Two days after the attack, the FBI identified the Lazarus group as the cyber actors responsible for stealing the $41 million from Stake.com, confirming the suspicions.





Source link