The attack on crypto exchange CoinEx, which drained at least $55 million, was carried out by the North Korean hacker group Lazarus, according to blockchain security firm SlowMist and on-chain investigator ZachXBT. The hacker group was identified after it inadvertently exposed its address, which was the same one used in the recent Stake and Optimism hacks.
It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon.
— ZachXBT (@zachxbt) September 13, 2023
On Sept. 12, CoinEx saw large outflows of funds to an address without any prior history. Security experts immediately suspected that the exchange was breached, with initial estimates reaching approximately $27 million. At the time of writing, security firm SlowMist noted that the losses from the exploit had reached more than $55 million.
After the hack, CoinEx Global assured users that their assets were secure and that affected parties would “receive 100% compensation” for any losses due to the hack. Apart from this, the exchange temporarily suspended deposits and withdrawals for added security. The exchange continues to monitor the situation and has promised a comprehensive report about the incident to be published in the near future.
Based on their on-chain behavior, the hackers responsible for the hack appear to be connected to the recent $41-million hack on the crypto gambling site Stake. On Sept. 7, the United States Federal Bureau of Investigation (FBI) concluded that the attack on Stake was performed by North Korea’s Lazarus Group.
The recent attack on CoinEx Global adds huge figures to the mounting losses due to exploits, hacks and scams within the crypto space. On Sept. 1, cybersecurity firm CertiK reported that, as of August 2023, almost $1 billion had already been lost due to such incidents since January this year. In August alone, around $45 million was stolen from various malicious attacks.