Losses From the CoinEx Hack Reach To $43 Million

Key Points:

Crypto exchange

CoinEx experiences a $43 million security breach, impacting five blockchains, including Ethereum, TRON, and Bitcoin. It swiftly suspends deposit and withdrawal services, ensuring user assets remain secure, while promising full compensation to affected parties. The exchanges proactive response includes setting up a dedicated investigation team, identifying suspicious wallet addresses, and collaborating with blockchain projects to enhance security.

Crypto exchange CoinEx faced a security breach that resulted in estimated losses of $43 million across five blockchains.

According to PeckShield monitoring, Ethereum took the biggest hit, losing $19 million, followed by TRON with $11 million, Bitcoin at $6.4 million, Bitcoin Cash with $6 million in losses, and Polygon at $295,000.

As reported, CoinEx moved swiftly, suspending deposit and withdrawal services to ensure user asset safety. The exchanges risk control system detected abnormal withdrawals from hot wallet addresses on September 12. Initial findings revealed unauthorized transactions involving ETH, TRON, and MATIC.

At approximately 1:21 pm UTC, a known CoinEx hot wallet transferred around 4,947 Ether, worth $7.9 million at the time, to an Ethereum account. The receiving account had no prior history before this transaction.

Immediately after this transaction, the CoinEx hot wallet began transferring large amounts of tokens to the same address. Approximately 408,741 Dai stablecoin, 2.7 million Graph (GRT) tokens, 29,158 Uniswap tokens and many other tokens were transferred from the wallet.

Blockchain security firm PeckShield reported the outflow as “suspicious.” CryptoQuant head of research Julio Moreno also claimed that the behavior of the CoinEx wallet was “strange,” as Ether reserves “are now basically zero ETH.”

At 5:25 pm UTC, CoinEx confirmed on Twitter that the platform had experienced suspicious withdrawals. “[O]ur Risk Control System detected anomalous withdrawals from several hot wallet addresses used to store CoinExs exchange assets,” the exchange said, adding that a “special investigative team” had been appointed to determine what happened.

The team also claimed that the withdrawn crypto is a small part of the exchanges total reserves and that users “will receive 100% compensation for any loss due to this breach.”

The exchange reassured users that their assets remained secure, emphasizing that the affected funds represented only a small portion of its total assets. The exchange pledged to fully compensate affected parties for their losses. Affected parties will receive 100% compensation for any losses incurred as a result of this attack.

In a later statement on the hacking event, CoinEx said that it had discovered and isolated suspicious wallet addresses linked to the hacking assault and that it was actively working with impacted encryption projects to create solutions.

The exchange urged relevant projects and institutions to assist in freezing the malicious attackers addresses. Security measures remain a priority, and CoinEx plans to restore deposit and withdrawal services once a thorough review is completed.