Hong Kong-based cryptocurrency exchange CoinEx revealed that hackers stole more than $70 million in tokens due to a leak of private keys, and the team hopes to open communication lines to recover the funds.
CoinEx representatives revealed more details to Cointelegraph about their ongoing investigation, with the team working to build and deploy new wallet architecture to restore affected users and platform functionality.
Although an estimated $70 million worth of cryptocurrency was stolen from the platform, the exchange claimed that the amount represented only a small portion of its total assets under management. CoinEx said affected users will be fully compensated for all lost funds.
2/ We have determined a strategy for resuming withdrawals and will gradually resume these services within 7 working days. Ensuring 100% asset security remains our top priority before re-enabling withdrawal functionality.
— CoinEx Global (@coinexcom) September 18, 2023
CoinEx said it was still investigating the identity of the person responsible for the security breach, which some blockchain security companies blamed on North Korean Lazarus Group hackers.
“In addition, we have opened communication channels to hackers and hope to actively participate in reaching a mutually agreeable solution.”
The exchange explained that an initial investigation pinned the root cause on a leak of private keys to its hot wallet. These are used to store exchange assets for deposits and withdrawals.
Related: New York bans CoinEx exchange, seizes $1.7 million in crypto assets
In order to avoid further losses, CoinEx suspended the withdrawal service, repaired the system vulnerability, and transferred the remaining assets in the affected hot wallets. The exchange told Cointelegraph that it expects to gradually resume withdrawals within seven working days.
“Our team is currently focused on building and deploying a new and powerful wallet system to handle activity across 211 chains and 737 assets.”
As Cointelegraph originally reported, CoinEx first flagged an “unusual withdrawal” from one of its hot wallets on September 12, first transferring 4,947 ether (ETH). The hackers then began withdrawing large amounts of other coins to the same address.
The value of the stolen funds was initially estimated at $27 million, but the value doubled within a week of the incident.
North Korean hackers have been plundering the cryptocurrency space over the past few years, responsible for the largest theft in the space to date. The 2022 Axie Infinity Ronin Bridge hack alone resulted in more than $650 million being stolen.
Blockchain analysis firm Chainaanalysis estimates that North Korean hackers stole approximately $340 million in cryptocurrency in 2023. That number is expected to rise following the CoinEx hack and the $41 million hack of cryptocurrency gambling platform Stake on September 4.
Magazine: Web3 Gamer: PUBG Developers’ Web3 Project, Animoca’s $20M Funding, Shardbound Review
Svlook
