Lazarus Group Strikes Again: Suspected Masterminds Behind $55 Million CoinEx Heist

The recent $55 million cryptocurrency heist at CoinEx has sent shockwaves rippling through the industry. Suspicions are now pointing towards the notorious Lazarus Group, a state-backed hacking entity hailing from North Korea, as the architects of this audacious cybercrime.

Connecting the Digital Dots The trail leading to the Lazarus Group's involvement in both the CoinEx and Stake.com hacks was illuminated by on-chain investigator ZachXBT. In a twist of fate, ZachXBT stumbled upon a pivotal connection: a single Ethereum wallet address that seemed to be under the control of the malevolent forces responsible for both breaches.

The connection was far from subtle – this wallet was the recipient of funds siphoned off during the Stake.com hack and was spotted interacting with the address that received the pilfered CoinEx funds.

In ZachXBT's own words:

"It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon."

The CoinEx Saga Unfolds The tumultuous events at CoinEx began on September 12, as a colossal exodus of funds was observed heading towards an address devoid of any transaction history. The alarm bells rang loudly, signaling a potential security breach. Initial estimates hinted at losses around $27 million, but as the dust settled, security firm SlowMist confirmed the staggering figure of over $55 million.

CoinEx Global sprang into action, swiftly moving to reassure its user base. They emphasized that user assets remained secure and vowed to provide "100% compensation" to those impacted by the breach. As a precautionary measure, the exchange temporarily suspended deposits and withdrawals, pledging to vigilantly monitor the situation. Additionally, CoinEx has committed to releasing a comprehensive report on the incident in the coming days.

The Investigative Pursuit In response to alerts from diligent on-chain investigators, CoinEx acknowledged the suspicious withdrawals from several hot wallet addresses used for storing exchange assets. While the investigation is ongoing, CoinEx has temporarily suspended deposits and withdrawals across the Ethereum, Tron, and Polygon blockchains, affecting a range of tokens.

In an earnest bid to rebuild trust and promote transparency, CoinEx has promised users a detailed chronicle of the hack's timeline, accompanied by a comprehensive report. The exchange remains resolute in its pledge to compensate all users who suffered losses in the attack.

Cryptocurrency's Ongoing Battle The CoinEx Global attack compounds the escalating losses that have plagued the cryptocurrency landscape, arising from exploits, hacks, and scams. A report by cybersecurity firm CertiK paints a sobering picture: by August 2023, nearly $1 billion had already been lost to such incidents in the current year alone.

August, in particular, witnessed malicious attacks draining approximately $45 million from various sources. Notably, the Lazarus Group had previously been fingered by the U.S. Federal Bureau of Investigation (FBI) as the culprits behind the $41 million heist targeting Stake.com.