Cryptocurrency exchange CoinEx was the victim of a major hack earlier this week that resulted in the theft of a substantial amount of digital assets from the platform’s hot wallets. The incident occurred on September 12th and involved unauthorized transactions draining the exchange’s Ethereum, Tron, and Polygon cryptocurrency reserves.
While CoinEx has yet to disclose the full financial losses incurred, blockchain security firm PeckShield estimates that the hack netted the perpetrators approximately $43 million worth of stolen cryptocurrency. An additional $72 million in assets were also at risk during the attack, but CoinEx was able to transfer these funds to more secure cold storage wallets for protection.
According to PeckShield’s analysis, the hack specifically drained CoinEx of around $19 million in Ethereum, $11 million in Tron, $6.4 million in Smart Chain Coin, $6 million in Bitcoin, and $295,000 in Polygon. A more recent assessment by CertiK Alert puts the estimated losses from the hack even higher, at approximately $53 million in total.
CoinEx has assured users that client assets and funds were not impacted by the security breach. However, as a protective measure in the aftermath of the incident, the exchange has suspended all deposits and withdrawals. These services will remain offline until CoinEx’s IT team can eliminate all remaining risks.
While details remain limited, early signs suggest the attack may be the work of the North Korea-sponsored hacking group Lazarus, which has been implicated in several other major cryptocurrency exchange hacks in recent months. Blockchain investigator ZachXBT noted that one of the wallet addresses linked to the CoinEx hack had previous associations with Lazarus’ cyber activities.
The frequency of multi-million dollar crypto heists attributed to Lazarus has been increasing. The group is believed to be responsible for the theft of $35 million from Atomic Wallet in June, $60 million from Alphapo in July, and $37.3 million from CoinsPaid also in July. Around the same timeframe, the FBI warned that Lazarus appeared to be preparing to launder approximately $41 million in previously stolen cryptocurrency funds.
Earlier this month, the crypto platform Stake.com lost $41 million worth of crypto after its hot wallets were breached. Two days later, the FBI confirmed Lazarus as being behind the Stake.com hack. While no official attribution has been made in the CoinEx case, the similarities to known Lazarus cyber operations have raised suspicions of the group’s involvement.
CoinEx has stated it will release a full investigative report and timeline once all incident response and forensic analysis procedures are complete. For now, the exchange is focused on tracking the wallet addresses associated with the hack and collaborating with industry partners to prevent the laundering of the stolen assets.
