At 14:18 (UTC) on September 12, 2023, Cyvers Alerts posted a tweet regarding suspicious withdrawals on CoinEx Exchange. Crypto assets including ETH, TRON, MATIC, and more from CoinEx’s hot wallets were transferred to unknown addresses, raising suspicions of a potential hack.
The CoinEx team responded to the incident on Twitter at 17:38 the same day. According to the official statement, the exchange’s Risk Control System had detected anomalous withdrawals from several hot wallet addresses used to store CoinEx’s exchange assets. In prompt response, the team formed a special investigation team to delve into the incident and promised to offer 100% compensation for any loss due to this breach.
Official response from @CoinExGlobal
We reached out to the CoinEx team for more details about the breach. They informed us that its security team has been tracking the stolen funds and making progress. At 18:20 on September 12, CoinEx disclosed the first batch of hacker wallet addresses on Twitter and sought assistance from various blockchain organizations to freeze them.
The suspicious addresses are listed below:
CoinEx disclosed the second batch of hacker addresses they identified at 2:41 on September 13:
As of now, CoinEx has disclosed three batches of hacker addresses and asked relevant project teams and exchanges to monitor and freeze the suspicious addresses.
Users are concerned, as they currently cannot withdraw funds from CoinEx. Luckily, they have been assured by the exchange that, for the sake of asset security, withdrawals will resume as soon as the hacker addresses are fully identified and isolated after “a thorough review”. The team also emphasized that user assets remain “secure and untouched”.
Unlike cold wallets, which are kept offline and therefore safer, hot wallets are more vulnerable to hacks. The past few years have witnessed numerous incidents of exchange hacks and coin theft, dealing a heavy blow to blockchain security. Finding effective ways to keep hackers at bay remains a challenge for crypto exchanges.
As of this writing, CoinEx is still assessing the losses incurred. We will continue to closely follow this situation and provide updates as soon as possible.