Hackers from Lazarus were suspected of hacking CoinEx for $55 million


Hackers from the DPRK-backed Lazarus Group may be behind the exploit of the CoinEx cryptocurrency exchange, SlowMist experts suggested.

On September 12, the platform confirmed the unauthorized outflow of assets from hot wallets, which PeckShield researchers had previously pointed out. The team suspended deposits and withdrawals, launched an investigation and promised 100% compensation to the victims.

SlowMist analyzed the addresses associated with the CoinEx hack and found that the estimated damage was ~$55.5 million.

During the study, they noticed that some hacker wallets were flagged as being involved in recent attacks on cryptocurrency payment provider Alphapo (losses up to $60 million) and betting platform Stake (~$41 million).

For example, an address in Polygon received funds from both CoinEx and Stake hacks. An Ethereum wallet labeled as belonging to the Alphapo exploiter was involved in swaps of assets stolen from the payment provider and betting platform.

Considering that FBI previously linked the attack on Stake to the Lazarus Group, it is likely that North Korean hackers were behind all three incidents, experts concluded.

Recall that in the first half of 2023, Pyongyang-backed hackers stole $180 million in cryptocurrencies.

The total damage to the industry from their actions has already reached $3 billion. Half of this amount went to finance the ballistic missile program.

Found an error in the text? Select it and press CTRL+ENTER

ForkLog newsletters: keep your finger on the pulse of the Bitcoin industry!

Leave a Reply