CoinEx, a cryptocurrency exchange, suffered a suspected hack resulting in a loss of over $27 million in stolen funds, prompting security measures and assurance to users.
Key Points
- Cryptocurrency exchange CoinEx experiences a suspected attack on September 12th.
- Cyvers, a blockchain security firm, detects and reports the breach, which resulted in losses exceeding $27 million.
- Stolen funds were transferred to a wallet with no transaction history, confirming the hack.
- CoinEx addresses the security breach, assures users of fund safety, and temporarily suspends deposit and withdrawal services for a security review.
A cryptocurrency exchange called CoinEx experienced a suspected attack on September 12th, leading to a significant outflow from its hot wallets. Cyvers, a blockchain security firm, promptly detected and reported the incident. According to Cyvers Alert, the breach resulted in losses exceeding $27 million across the hot wallets. All the stolen funds were transferred to a wallet with no transaction history, which raised suspicions and confirmed the hack.
Urgent Notice: Security Incident on CoinEx – Immediate Actions Underway
On September 12, 2023, our Risk Control System detected anomalous withdrawals from several hot wallet addresses used to store CoinEx's exchange assets. Promptly recognizing the gravity of the situation, we…
— CoinEx Global (@coinexcom) September 12, 2023
Movements in the Stolen Funds
Using Etherscan data, it was observed that the funds from the hot wallets initiated a series of transfers involving various cryptocurrencies. This began with approximately 4,947 Ether, equivalent to $7.9 million at the time. Other cryptocurrencies from the exchange wallet were then converted into Ethereum through Uniswap. Further movements included 408,741 DAI, 2.7 million Graph (GRT) tokens, 29,158 Uniswap (UNI) tokens, and various other tokens transferred to the same address.
Cyvers Alert also reported additional movements, such as approximately $11.5 million in crypto assets sent to a Tron address and $295,000 in assets sent to a Polygon address. In total, $27.4 million was spread across three different blockchain networks.
CoinEx Addresses Security Breach and Assures Users
CoinEx, a Hong Kong-based crypto exchange, officially addressed the breach and assured users of the safety of their funds. In a tweet titled “Urgent Notice: Security Incident on Coinex—Immediate Actions Underway,” CoinEx stated that the exact extent of the loss is still being determined.
The exchange emphasized that user funds remain secure and untouched. Any affected users will be compensated promptly and thoroughly. CoinEx also stated that deposit and withdrawal services will be temporarily suspended for security reasons until a thorough review of the breach is completed. The exchange is committed to providing the community with a detailed timeline and comprehensive report regarding the incident.
CoinEx’s dedication to security and trust is evident in their words: “Our priority has always been and will continue to be the security and trust of our users. We deeply regret any distress this may have caused and assure you of our unwavering dedication to safeguarding your interests.”
Concluding Thoughts
It is worth noting that CoinEx reached a settlement with New York Attorney General Letitia James in June 2023. As part of the settlement, CoinEx will refund over $1.7 million to New York investors and pay penalties. Additionally, the company is prohibited from operating in the state. This settlement came after James sued CoinEx for falsely representing itself as a crypto exchange and failing to register with the state of New York.
