CoinEx cryptocurrency exchange recently experienced a major security breach, resulting in the theft of approximately $54 million worth of tokens. The attackers exploited a vulnerability in the exchange’s wallets and siphoned various tokens, including ether (ETH) , XRP  , tron’s TRX , MATIC , SOL , KDA , and XDAG .
CoinEx detected anomalous withdrawals from its hot wallet addresses and determined that the incident was caused by a hot wallet private key falling into the wrong hands . As a result, the exchange suspended deposits and withdrawals  , transferred remaining assets to safe addresses , and is currently rebuilding its wallet system.
Analysis of the wallets involved in the attack has revealed links to the North Korean attacker group Lazarus , which has previously targeted crypto businesses . This connection suggests that the stolen funds may be used to fund the regime’s nuclear and missile programs . CoinEx has released several “suspicious” addresses where the stolen tokens were transferred  . Furthermore, the investigation has uncovered a connection between the CoinEx attack and a $41 million exploit on the cryptocurrency betting platform Stake , which was also linked to Lazarus .
Despite the breach , CoinEx reassures users that their assets will not be affected by the heist . The impacted funds represent a small amount of total user holdings , and all remaining assets on the exchange are secure  . CoinEx is actively working to freeze the assets of the attackers . The exchange has continued to operate and facilitate significant trade volume .
The attack on CoinEx is suspected to have been carried out by North Korean hackers, who stole $53 million worth of cryptocurrency after obtaining a leaked private key. CoinEx is taking steps to secure its platform and compensate affected users . The investigation has revealed a suspected involvement of North Korea, and stakeholders of OP & Polygon are awaiting updates on the investigation . The incident highlights the ongoing threat of cyberattacks in the cryptocurrency industry and the need for robust security measures to protect user assets.