CoinEX hack was by North Korea’s Lazarus Group: SlowMist
- CoinEx was hacked for over $54 million, with blockchain security firms tying the attack to North Korea’s Lazarus Group.
- The hackers are reportedly the same one behind recent attacks on Optimism and Polygon.
The hack on crypto exchange CoinEx was likely carried out by hackers from North Korea’s Lazarus Group, according to details shared by blockchain security firm SlowMist.
After highlighting that the security breach on CoinEx had seen more than $54 million in various crypto assets stolen, SlowMist posted another alert earlier today noting the attack could be the work of the notorious North Korea-affiliated group.
🚨SlowMist Security Alert🚨
1/ @coinexcom Exploiter, @Stake Exploiter and #Alphapo Exploiter may all have ties to the North Korean Hackers known as #LazarusGroup.
Here’s how we came to that conclusion: https://t.co/IGNldb2ZZJ pic.twitter.com/SLGzSgbCis
— SlowMist (@SlowMist_Team) September 13, 2023
Blockchain sleuth ZachXBT also pointed to the same conclusion, noting that Lazarus Group had inadvertently connected the same wallet address used in the hack on Stake on the Optimism and Polygon networks.
It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon.
0x75497999432b8701330fb68058bd21918c02ac59 pic.twitter.com/9qZPdc3yhT
— ZachXBT (@zachxbt) September 13, 2023
CoinEx says users will be compensated
As CoinJournal reported yesterday, the attack on CoinEx saw huge flows from the exchange’s hot wallets with initial reports putting the total amount drained at nearly $28 million. Today, after further blockchain security checks, the heist has reportedly reached more than $54 million.
Unauthorised fund transfers initially involved ETH, TRON, and MATIC. However, that has since expanded to include BTC, XRP, SOL, BCH and BSC tokens.
CoinEX has since provided an update assuring all affected users that they will be compensated 100%. The exchange had earlier halted deposits and withdrawals.