Share this article
North Korean Attackers Linked to $54M CoinEx Hack, Blockchain Data Suggests
A hot wallet of the crypto exchange used to hold users’ tokens was exploited by attackers on Tuesday.
Sep 13, 2023, 11:43 a.m.
Make us preferred on Google
North Korean attackers linked to a recent crypto exploit could be behind the latest crypto business security causality, according to data cited by blockchain sleuth ZachXBT and verified by CoinDesk.
CoinEx exchange was hacked for an estimated $27 million on Tuesday – a figure that later ballooned to $54 million worth of tokens drained from the exchange as details of several impacted wallets were released by the exchange through Wednesday afternoon.
STORY CONTINUES BELOW
#CoinExResponseUpdate - We've identified the 3rd series of suspicious wallet addresses linked to the hack:
— CoinEx Global (@coinexcom) September 13, 2023
We are working nonstop to track down the hackers' addresses. Here are the recently identified addresses:$BSC:
*0xC844F7178379782eC19F3EE6E399f2EB7b2b984F$ARB:…
The hackers siphoned ether , XRP, tron's TRX, MATIC, solana's SOL, kadena's KDA and dagger's XDAG tokens after exploiting a lax security measure on wallets used by the exchange. CoinEx has since released over 10 “suspicious” addresses on several networks, such as Ethereum, BNB Chain, and Arbitrum, where the tokens were transferred.
Analysis of these wallets by popular blockchain sleuth ZachXBT shows some transactions were routed to wallets that were involved in a $41 million exploit of crypto betting platform Stake earlier this month. Those wallets are linked to the North Korean attacker group Lazarus, infamous for targeting crypto businesses.
It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon.
— ZachXBT (@zachxbt) September 13, 2023
0x75497999432b8701330fb68058bd21918c02ac59 pic.twitter.com/9qZPdc3yhT
Another address was seemingly directly funded by the Stake attacker earlier this week and then received tokens from the CoinEx attack,
Meanwhile, CoinEx said Wednesday that the impacted funds represented a small amount of total user holdings and that all remaining assets on the exchange “remained safe.”
The Samoa-registered CoinEx traded over $22 million across 730 offered trading pairs on its platform in the past 24 hours, data shows.
More For You
Pudgy Penguins is building a multi-vertical consumer IP platform — combining phygital products, games, NFTs and PENGU to monetize culture at scale.
What to know:
Pudgy Penguins is emerging as one of the strongest NFT-native brands of this cycle, shifting from speculative “digital luxury goods” into a multi-vertical consumer IP platform. Its strategy is to acquire users through mainstream channels first; toys, retail partnerships and viral media, then onboard them into Web3 through games, NFTs and the PENGU token.
The ecosystem now spans phygital products (> $13M retail sales and >1M units sold), games and experiences (Pudgy Party surpassed 500k downloads in two weeks), and a widely distributed token (airdropped to 6M+ wallets). While the market is currently pricing Pudgy at a premium relative to traditional IP peers, sustained success depends on execution across retail expansion, gaming adoption and deeper token utility.
More For You
Deus X CEO Tim Grant: We aren't replacing finance; we're integrating it
The Deus X CEO discussed his journey into digital assets, the company's infrastructure-led growth strategy, and why his Consensus Hong Kong panel promises "real talk only."
What to know:
- Tim Grant entered crypto in 2015 after early exposure to Ripple and Coinbase, drawn by blockchain’s ability to improve traditional finance rather than replace it.
- Deus X combines investing and operating to build regulated digital finance infrastructure across payments, prime services, and institutional DeFi.
- Grant will be speaking at Consensus Hong Kong in February.
Top Stories
