The popular cryptocurrency exchange Phemex became the target of a massive cyberattack on January 23, 2025, resulting in the theft of over $85 million in digital assets. Due to the breach the platform suspended deposits and withdrawals temporarily, while working to contain the damage and implement new security measures.
The security incident occurred when the exchange detected unusual activity in its hot wallet.
Hot wallets are connected to the internet and are generally used for facilitating day-to-day transactions.
Phemex immediately responded by activating its emergency protocols, halting all deposit and withdrawal functions, and isolating the compromised devices to prevent further damage.
“We quickly activated our emergency response mechanism, suspended related functions, and began addressing potential vulnerabilities,” the company’s official statement said. The exchange also confirmed that its cold wallets, which are offline and generally used to store assets securely, were unaffected by the attack.
Initially, the stolen funds were estimated at $29 million, but over the weekend the estimated amount increased to at least $85 million.
In the aftermath of the breach, Phemex has been working closely with third-party security firms and law enforcement agencies to investigate the attack and determine the source of the breach.
While the platform resumed withdrawals, Phemex advised its users not to use old deposit addresses, as they could delay the processing of transactions.