On September 12, 2023, CoinEx, a global cryptocurrency exchange, suffered a hack resulting in anomalous withdrawals from hot wallets used to temporarily store exchange assets. This incident garnered widespread attention within and outside the blockchain industry.
Just 48 hours following the attack, CoinEx disclosed the details of this incident in a recent official announcement. CoinEx has preliminarily identified the leakage of private keys associated with the hot wallets as the root cause. The exchange has also stated that a thorough investigation is still underway.
In response to the hack, CoinEx promptly formed a special team to track suspicious addresses and transferred the remaining assets to secure wallets. Despite such prompt response, the crypto communities are still concerned as withdrawal services on the exchange remain suspended.
In response to the most pressing concern about withdrawals, CoinEx’s official announcement states that the team is currently focused on building and deploying an entirely new and robust wallet system to handle activities within the 211 chains and 737 assets, necessitating further time. CoinEx advised users to patiently wait for transfer and withdrawal services to be reactivated.
At 12:00 (UTC) on September 14, the founder of CoinEx, Haipo Yang, issued a public apology on X (formerly Twitter) to all affected users, marking his first statement since the incident. Reaffirming pledges for 100% compensation of asset losses, Haipo Yang also promised to provide transparency regarding the team’s efforts over the past 48 hours, as well as future plans. Specifically, Haipo Yang conveyed confidence in overcoming this challenge and commitment to diligently building an entirely new wallet architecture to reopen withdrawal service in a secure manner. He also acknowledged the hack served as a security wake-up call for CoinEx and promised to devote more resources to bolstering security infrastructure going forward.
The crypto sector has long faced cyber threats, with numerous illegal attacks on institutions. In recent years, exchanges of all sizes have been targeted. Many competitor platforms have commendably demonstrated blockchain’s collaborative ethos, actively assisting CoinEx’s remediation efforts on this hack.
Critical outstanding questions remain regarding timeframes for reactivating withdrawal services and implementing security upgrades against future attacks. We will continue monitoring updates on the CoinEx breach incident, providing stakeholders with timely information.