Condividi questo articolo
North Korean Attackers Linked to $54M CoinEx Hack, Blockchain Data Suggests
A hot wallet of the crypto exchange used to hold users’ tokens was exploited by attackers on Tuesday.
North Korean attackers linked to a recent crypto exploit could be behind the latest crypto business security causality, according to data cited by blockchain sleuth ZachXBT and verified by CoinDesk.
CoinEx exchange was hacked for an estimated $27 million on Tuesday – a figure that later ballooned to $54 million worth of tokens drained from the exchange as details of several impacted wallets were released by the exchange through Wednesday afternoon.
STORY CONTINUES BELOW
#CoinExResponseUpdate - We've identified the 3rd series of suspicious wallet addresses linked to the hack:
— CoinEx Global (@coinexcom) September 13, 2023
We are working nonstop to track down the hackers' addresses. Here are the recently identified addresses:$BSC:
*0xC844F7178379782eC19F3EE6E399f2EB7b2b984F$ARB:…
The hackers siphoned ether , XRP, tron's TRX, MATIC, solana's SOL, kadena's KDA and dagger's XDAG tokens after exploiting a lax security measure on wallets used by the exchange. CoinEx has since released over 10 “suspicious” addresses on several networks, such as Ethereum, BNB Chain, and Arbitrum, where the tokens were transferred.
Analysis of these wallets by popular blockchain sleuth ZachXBT shows some transactions were routed to wallets that were involved in a $41 million exploit of crypto betting platform Stake earlier this month. Those wallets are linked to the North Korean attacker group Lazarus, infamous for targeting crypto businesses.
It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon.
— ZachXBT (@zachxbt) September 13, 2023
0x75497999432b8701330fb68058bd21918c02ac59 pic.twitter.com/9qZPdc3yhT
Another address was seemingly directly funded by the Stake attacker earlier this week and then received tokens from the CoinEx attack,
Meanwhile, CoinEx said Wednesday that the impacted funds represented a small amount of total user holdings and that all remaining assets on the exchange “remained safe.”
The Samoa-registered CoinEx traded over $22 million across 730 offered trading pairs on its platform in the past 24 hours, data shows.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
ZKsync Lite to Shut Down in 2026 as Matter Labs Moves On
The company framed the move, happening in early 2026, as a planned sunset.
What to know:
- Matter Labs plans to deprecate ZKsync Lite, the first iteration of its Ethereum layer-2 network, the team said in a post on X over the weekend.
- The company framed the move, happening in early 2026, as a planned sunset for an early proof-of-concept that helped validate their zero-knowledge rollup design choices before newer systems went live.
Top Stories
