News

North Korea’s Lazarus Group fingered in CoinEx hack

Published

1 year ago

September 13, 2023

Hong Kong’s crypto landscape has witnessed numerous significant advancements. Despite encountering licensing challenges for its crypto businesses, the region has seen new companies enter the space. However, news of a substantial security breach has overshadowed this progress. Recent reports have linked the breach, estimated to have caused a loss of around $54 million, to North Korea.

North Korea’s involvement in the crypto space has sparked controversy for some time, with numerous cyberattacks attributed to the country. The Lazarus Group, a notorious North Korean hacker group, has gained notoriety for its role in multiple hacks. In a recent incident, the FBI accused the group of hacking Stake.com and stealing crypto assets worth $41 million. Additionally, ZachXBT has claimed that the group is responsible for the $54 million CoinEx breach.

It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon.

0x75497999432b8701330fb68058bd21918c02ac59 pic.twitter.com/9qZPdc3yhT

— ZachXBT (@zachxbt) September 13, 2023

The hackers committed a critical error by linking their address to the crime on Optimism and Polygon Networks. This mistake allowed the crypto sleuth ZachXBT to connect the dots and uncover the culprits quickly.

The losses resulting from the activities of the Lazarus Group have now exceeded billions of dollars, highlighting the devastating impact of their criminal actions. Their frequent appearances in the news have spurred renewed calls for enhanced security at both the individual and protocol levels.

CoinEx continues to filter out suspicious wallets

However, in the aftermath of the security breach, CoinEx has been meticulously assessing the full extent of the compromised crypto assets. This process has led to the identification of additional questionable wallet addresses linked to the violation.

Urgent Notice: Security Incident on CoinEx – Immediate Actions Underway

On September 12, 2023, our Risk Control System detected anomalous withdrawals from several hot wallet addresses used to store CoinEx's exchange assets. Promptly recognizing the gravity of the situation, we…

— CoinEx Global (@coinexcom) September 12, 2023

The exchange reported the theft of several acquisitions, including cryptocurrencies like Ethereum (ETH), Tron (TRX), Binance Coin (BNB), Bitcoin (BTC), XRP, Solana (SOL), and BCH.

#CoinExResponseUpdate – We've identified the 3rd series of suspicious wallet addresses linked to the hack:

We are working nonstop to track down the hackers' addresses. Here are the recently identified addresses:$BSC:
*0xC844F7178379782eC19F3EE6E399f2EB7b2b984F$ARB:…

— CoinEx Global (@coinexcom) September 13, 2023

The exchange has not only halted deposit and withdrawal services but has also been actively filtering out suspicious addresses to prevent further distribution of the stolen funds, as indicated in its post.