CoinEx, a well-established cryptocurrency exchange founded in 2017, recently became the victim of a cyber attack. Though the company did not provide comments upon request, it issued a statement acknowledging that unusual withdrawal activities were observed from several wallets designated for holding the platform’s assets.
Investigation Unveils Unapproved Transactions
A team was immediately set up to investigate the incident, uncovering unauthorized transactions that involved Ethereum (ETH), TRON, and Polygon tokens. Although the exact losses are yet to be quantified, independent blockchain security agencies have estimated that approximately $31 million in cryptocurrencies were siphoned off from CoinEx’s wallets.
Details of Stolen Assets
According to PeckShield, a blockchain security company, the hackers managed to steal about $19 million in ETH, $11.5 million in TRON, and $295,000 in Polygon coins from the platform.
CoinEx's Assurance to Users
CoinEx has emphasized that the stolen funds make up only a minor fraction of the exchange’s total assets. The company reassured its user base, stating, “All users should remain assured that their assets are safe. Anyone affected by this breach will be fully compensated.” To bolster platform security, the exchange has temporarily suspended deposit and withdrawal services until a thorough review is completed.
The Road Ahead: Identifying and Isolating the Issue
In a follow-up announcement, CoinEx revealed that wallet addresses associated with the cyber attack have been identified and isolated. The company is currently in the process of developing a remedy for affected parties and has advised other cryptocurrency exchanges to remain vigilant for activities related to the compromised wallet addresses.
Context: A Rising Tide of Crypto Attacks
This recent breach follows a string of cyber attacks targeting cryptocurrency platforms in 2023. Over the past quarter, multiple platforms such as Exactly Protocol, Harbor Protocol, and Vyper—renowned for its Web3 programming languages—also experienced hacks. Many of these incidents were reportedly carried out by hackers linked to North Korea’s military.
North Korea's Alleged Involvement
The Lazarus group, associated with North Korea, has emerged as a significant player in orchestrating attacks on crypto platforms. The group is suspected of using the stolen funds to support North Korea’s nuclear programs. Recent attacks attributed to the group include a $35 million and a $100 million hack of Atomic Wallet, along with two separate attacks that resulted in $60 million being stolen from Alphapo and $37 million from CoinsPaid.
2022: A Year of Increased Crypto Hacks
Blockchain analytics firm Chainalysis released data suggesting that 2022 was a landmark year for cyber attacks against cryptocurrency firms. According to the firm, approximately $3.8 billion was stolen from crypto companies, marking an increase from the $3.3 billion lost in 2021.
Summary & Conclusion
The recent cyber attack on CoinEx serves as a wake-up call for the cryptocurrency industry, highlighting the importance of robust security measures. With cyber attacks on the rise, especially those connected to state actors like North Korea, it’s crucial for exchanges and users to remain vigilant and prioritize security. CoinEx’s prompt action to identify the issue, halt services, and reassure users sets a precedent for how crypto platforms should respond in such critical situations.