CoinEx Exchange Hacked: Investigation and Recovery Efforts

The CoinEx cryptocurrency exchange experienced its first hack in six years of operation, and here’s what we know about the incident and the recovery efforts:

The Hack Incident

On September 12, 2023, at 21:20 UTC+8, CoinEx’s risk control system detected anomalies in the platform’s hot wallets, which store exchange assets. Approximately 4,947 ETH, 408,741 DAI, 2.7 million GRT, 29,158 UNI, and other tokens were withdrawn from CoinEx hot wallets.

The exchange’s CEO confirmed the hack, and a special investigative group was formed to look into the incident. The total damage is still being assessed, but initial estimates suggest losses of approximately $70 million.

To all CoinEx users & friends: We deeply regret the recent hack and extend our sincerest apologies to those affected. Your concern and attention have not gone unnoticed.

— Haipo Yang (@yhaiyang) September 14, 2023

Temporary Suspension of Deposits and Withdrawals

As a result of the hack, CoinEx temporarily suspended deposits and withdrawals for all users to focus on creating a new, secure wallet system. The platform is working tirelessly on this new architecture, covering 211 blockchains and 737 crypto assets.

Security tests are a priority before reopening access to user wallets to prevent further losses. CoinEx plans to restore normal operations within the next week.

Investigation into the Hack

The initial investigation suggests that compromised private keys of hot wallets led to the hack, though specific reasons remain unclear. CoinEx implemented advanced security measures within 48 hours of the incident, including suspending deposits and withdrawals and transferring remaining assets to secure addresses.

The exchange is cooperating with other platforms to freeze assets from suspicious addresses associated with the hack.

Communication with the Hackers

CoinEx has appealed to the hackers through its official Twitter account, hoping to engage in discussions regarding the stolen assets. The exchange is actively investigating the identity of the hackers and considering reports linking the attack to the Lazarus hacker group, although this has not been confirmed.

Security Enhancements and Future Plans

In response to the hack, CoinEx is committed to enhancing security protocols, conducting more frequent security threat checks, and strengthening early warning systems for potential attacks. A risk prevention fund will be established to bolster preparedness for unforeseen circumstances.

The exchange also plans to collaborate with security companies and industry partners to reinforce its security infrastructure and regain the trust of the community.

While CoinEx grapples with the aftermath of the hack, the incident has highlighted the importance of maintaining strong security measures in the cryptocurrency industry.