CoinEx, a highly regarded global cryptocurrency exchange, recently fell victim to a significant security breach that sent shockwaves through the cryptocurrency community. The breach involved unauthorised access to CoinEx’s hot wallets, which led to the illicit appropriation of substantial amounts of digital assets that were pivotal in supporting the exchange’s day-to-day operations.

This unprecedented incident unfolded on September 12, highlighting the ongoing vulnerabilities and challenges within the cryptocurrency ecosystem.
The Stolen Assets
Preliminary Findings
As the investigation into the breach unfolds, preliminary findings have revealed that the perpetrators strategically targeted a wide array of digital assets. These assets include but are not limited to Ethereum (ETH), Tron (TRON), and Polygon (MATIC) cryptocurrencies. However, CoinEx has opted to exercise caution in disclosing the full extent of the financial damage incurred at this early juncture.
Initial reports emanating from blockchain security firm PeckShield provide an initial glimpse into the magnitude of the attack. According to their estimations, the malevolent actors managed to siphon off approximately $19 million in ETH, $11 million in TRON, $6.4 million in Smart Chain Coin (BSC), $6 million in Bitcoin (BTC), and an approximate sum of $295,000 in MATIC.
Total Estimated Loss
When amalgamating these figures, PeckShield’s comprehensive assessment points to a staggering total loss of approximately $43 million. It is imperative to underscore that this estimation encapsulates the total of the losses attributed to this security breach. Thankfully, an additional reserve of $72 million stored in better-fortified cold wallets remains unscathed, a crucial cushion safeguarding against more extensive financial devastation.
User Impact and Compensation

In a bid to mitigate the adverse effects of this incident on its user base, CoinEx has offered categorical assurances that individual user assets remain unscathed by the breach. To further demonstrate its commitment to customer protection, the exchange has gone a step further by pledging to provide full compensation to any parties that may have incurred losses stemming from this regrettable incident.
As a proactive measure to safeguard user assets, CoinEx has temporarily suspended all deposit and withdrawal services. These essential functions will be reinstated only after CoinEx’s proficient IT team can attest that every potential security vulnerability has been thoroughly identified and effectively neutralised.
Investigation and Transparency
While CoinEx has been relatively reserved in divulging specific details about the breach, the exchange is steadfast in its commitment to transparency. It has emphatically stated its intention to furnish a comprehensive report that meticulously outlines the incident, the precise modus operandi of the attackers, and the measures undertaken as part of the response strategy. However, this comprehensive report will only be released once the ongoing investigations conclude.
During this interim period, CoinEx is actively engaged in the tracking of wallet addresses linked to the hack. In collaboration with other leading exchanges, the objective is to create a formidable barrier that makes it increasingly challenging for the malefactors to move or liquidate the stolen assets. This collective effort aims to recover as much of the pilfered digital wealth as possible.
A Possible Lazarus Connection

The surge in multi-million-dollar cryptocurrency heists has raised concerns about the involvement of sophisticated threat actors, with the North Korean state-backed group “Lazarus” repeatedly surfacing as a primary suspect. Although no official attribution has been made in the CoinEx case, the astute observations of blockchain investigator ZachXBT cannot be ignored.
ZachXBT’s meticulous analysis has uncovered a noteworthy link: One of the wallet addresses implicated in the CoinEx hack had previously been associated with the Lazarus group. This ominous connection cannot be dismissed lightly, as Lazarus has garnered notoriety for its alleged involvement in a slew of high-profile cryptocurrency thefts in recent months.
These include the brazen heist of $35 million from Atomic Wallet in June, the audacious appropriation of $60 million from Alphapo in July, and the calculated extraction of an additional $37.3 million from CoinsPaid, also in July. These incidents prompted heightened concerns, with the FBI issuing warnings about the group’s activities, including the alarming potential for money laundering and preparations to transfer stolen cryptocurrency.
CoinEx’s plight is not an isolated one. Stake.com, a notable crypto casino platform, also fell victim to a security breach recently, resulting in the loss of a staggering $41 million in cryptocurrency. Just two days after the attack, the FBI officially corroborated the suspicions held by investigators, confirming that the Lazarus group was the orchestrator of the theft.
Conclusion
In conclusion, the CoinEx security breach serves as a stark and sobering reminder of the persistent threats looming over the cryptocurrency industry. As the investigations continue to unfold and the exchange’s response measures take effect, the entire cryptocurrency community eagerly anticipates the forthcoming comprehensive report. This report promises to shine a revealing light on the intricate details of the incident and the meticulous response procedures. Do you have thoughts that you want to share with us? Do let us know on Facebook, Instagram, and Twitter.
Frequently Asked Questions
What Happened in the CoinEx Cryptocurrency Exchange Hack?
CoinEx has reassured its users that their assets remain unaffected by the hack. The exchange has temporarily suspended all deposit and withdrawal services to safeguard user assets. These services will resume only once CoinEx’s IT team ensures that all security risks have been eliminated. Additionally, the exchange has promised full compensation for any parties who suffered losses due to the incident.
Are User Assets Safe on CoinEx After the Hack?
CoinEx has reassured its users that their assets remain unaffected by the hack. The exchange has temporarily suspended all deposit and withdrawal services to safeguard user assets. These services will resume only once CoinEx’s IT team ensures that all security risks have been eliminated. Additionally, the exchange has promised full compensation for any parties who suffered losses due to the incident.
Is There Any Connection to the Lazarus Hacking Group?
While no official attribution has been made in the CoinEx case, there are indications that one of the wallet addresses involved in the hack was previously associated with the Lazarus group. This group, believed to be backed by North Korea, has been implicated in several high-profile cryptocurrency thefts in recent months. Confirming a connection to Lazarus could shed light on the sophistication and motivations behind the attack and may prompt further investigations into the group’s activities.
Author Profile

Latest entries
TECHNOLOGY2023.10.02Stripping Headlines From News Links Could Mark Musk’s Latest Revamp to Platform X
GAMING2023.10.01The 6 Best Alternatives to Red Dead Redemption 2
GAMING2023.10.01A Breakdown of Elden Ring’s 8 Most Rewarding Catacombs
TECHNOLOGY2023.10.01Huawei Building Secret Network for Chips, Trade Group Warns