13 September 2023

Crypto exchange CoinEx hacked, millions in cryptocurrencies stolen


Crypto exchange CoinEx hacked, millions in cryptocurrencies stolen

Hong Kong-based cryptocurrency exchange CoinEx Global has been hit by a cyberattack, resulting in an estimated loss of $43 million in cryptocurrencies.

The attack took place on September 12, 2023, and affected CoinEx’s Ethereum, TRON, and Polygon wallets. The company has confirmed the incident in a post on social media and said that it launched an investigation into the hack.

“On September 12, 2023, our Risk Control System detected anomalous withdrawals from several hot wallet addresses used to store CoinEx's exchange assets. Promptly recognizing the gravity of the situation, we immediately established a special investigative team to delve into the matter,” CoinEx said, noting that the precise amount of the loss is still being determined, and the affected funds are just a very small portion of CoinEx’s total asset.

Following the breach the exchange halted deposit and withdrawal services and assured customers that the affected parties would receive full compensation for any loss due to the hack.

On Wednesday morning the exchange said it identified a second and a third set of suspicious wallet addresses linked to the breach, which siphoned off tokens such as Ether, XRP, Solana, Kadena and Dagger.

Blockchain security and data analytics company PeckShield estimated CoinEx loss to be roughly $43 million - ~$19M (ETH), ~$11M (TRON), ~$6.4M (BSC), ~$6M (BTC), ~$295K (MATIC).

Earlier this month, the world’s largest cryptocurrency casino and sportsbook platform Stake suffered a security breach that saw more than $41 million in crypto assets stolen from its hot wallets. The FBI has linked the hack to the infamous North Korean threat actor Lazarus Group previously blamed for multiple high-profile crypto thefts such as the $100 million Harmony Bridge hack and the $622 million Ronin Network heist.


Back to the list

Latest Posts

Cyber Security Week in Review: June 21, 2024

Cyber Security Week in Review: June 21, 2024

In brief: The US bans Russia’s Kaspersky software, Chinese cyber espionage actor exploits Fortinet, Ivanti, and VMware zero-days, and more.
21 June 2024
Russian Nobelium hackers  target French diplomatic entities and public orgs

Russian Nobelium hackers target French diplomatic entities and public orgs

Nobelium's tactics involve using hacked legitimate email accounts belonging to diplomatic staff to conduct phishing campaigns.
20 June 2024
Chinese cyber espionage actor exploits Fortinet, Ivanti, and VMware zero-days

Chinese cyber espionage actor exploits Fortinet, Ivanti, and VMware zero-days

The group relies heavily on valid credentials for lateral movement between guest virtual machines on compromised VMware ESXi servers.
20 June 2024