Lazarus Group’s Hack Targets CoinEx Hot Wallets, Resulting in $55 Million Loss

North Korea’s Lazarus Group is suspected to be behind the recent hack of crypto exchange CoinEx, which resulted in the theft of over $55 million in cryptocurrencies from several hot wallets. This notorious group has a history of targeting crypto businesses and is believed to have conducted other hacks on betting site Stake and payment processor Alphapo. Blockchain sleuths SlowMist and ZachXBT have discovered that some of the stolen funds from CoinEx were sent to wallets connected to the recent $41 million hack on Stake. These addresses were also linked to the attack on Alphapo in July, which resulted in $60 million in losses. Cybersecurity firms PeckShield and Cyvers Alert were the first to notice suspicious outflows of funds from CoinEx’s wallets.

CoinEx suspended withdrawals after detecting “anomalous withdrawals” from its hot wallet addresses. The stolen funds were sent to a wallet with no prior transaction history, raising suspicions of a hack. A series of large transfers involving different cryptocurrencies were made from CoinEx hot wallets to a single address. This included the conversion of tokens into Ethereum using Uniswap. The hackers also transferred significant amounts of DAI, Graph (GRT) tokens, Uniswap (UNI) tokens, and other tokens to the same address. Additional transactions were observed, including transfers to Tron and Polygon addresses. These initial transactions resulted in losses of $27.4 million.

Further investigation revealed that other wallets had been drained of assets, including Bitcoin, Arbitrum, Solana, XRP, and more. The total loss now stands at around $55 million worth of crypto. CoinEx reassured its users that their funds were safe and promised 100% compensation for any losses incurred. The exchange stated that a detailed timeline and comprehensive report would be shared with the community soon.

The exploit appears to be a result of a private key compromise, a vulnerability that has led to over $377 million in losses across the crypto industry. CoinEx, which specializes in Bitcoin Cash (BCH), had previously boasted about its strong security infrastructure and claimed to have never experienced any security breaches. However, hacks and scams continue to plague the industry, with close to $1 billion lost by the end of August. This year’s losses are expected to surpass last year’s $3.2 billion.

Hot Take: North Korea’s Lazarus Group Strikes Again with CoinEx Hack

North Korea’s Lazarus Group has once again demonstrated its prowess in hacking cryptocurrency exchanges with the recent attack on CoinEx. This notorious group has a history of targeting crypto businesses and has now emptied several hot wallets holding more than $55 million in cryptocurrencies. The hack follows similar attacks on betting site Stake and payment processor Alphapo, suggesting that Lazarus Group is ramping up its efforts in the crypto space.

The stolen funds from CoinEx were traced back to wallets connected to the Stake hack earlier this month, as well as the attack on Alphapo in July. This indicates a pattern of coordinated attacks by Lazarus Group, likely driven by its desire for financial gain. It is alarming to see North Korea continuing its cyber operations despite international sanctions and condemnation.

This incident serves as a reminder that even exchanges with robust security infrastructure like CoinEx are not immune to attacks. The crypto industry must remain vigilant and invest in comprehensive security measures to protect users’ funds. As the value of cryptocurrencies continues to rise, hackers will only become more determined in their efforts.