Compromised private keys led to $70M theft
Hong Kong-based cryptocurrency exchange CoinEx has revealed that compromised private keys allowed hackers to steal over $70 million of tokens as the team looks to open lines of communication to claw back funds.
CoinEx representatives unpacked the finer details of their continuing investigation to Cointelegraph as the team works to build and deploy a new wallet architecture to restore impacted users and functionality of the platform.
Despite an estimated $70 million worth of cryptocurrency being stolen from the platform, the exchange claims this amount represents a small percentage of its total assets under management. CoinEx stated that affected users will be compensated entirely for any lost funds.
2/ We’ve finalized our strategy to resume withdrawals and are set to progressively resume these services within 7 working days. Ensuring 100% asset security remains our top priority before reactivating withdrawal functionalities.
— CoinEx Global (@coinexcom) September 18, 2023
CoinEx said that it was still investigating the identity of those responsible for the security breach, which a handful of blockchain security firms attribute to North Korean Lazarus Group hackers.
“Additionally, we have opened communication channels to the hackers in hopes of proactive engagement toward a mutually agreeable resolution.”
The exchange explained that a preliminary investigation traced the root cause to a compromised private key for its hot wallets, which were used to store exchange assets for carrying out deposits and withdrawals.
CoinEx suspended its withdrawal service to avoid further losses, patched system vulnerabilities and transferred the remaining assets from the affected hot wallets. The exchange told Cointelegraph that it expects to resume withdrawals progressively within seven working days.
“Our team is currently focused on building and deploying an entirely new and robust wallet system to handle activities within the 211 chains and 737 assets.”
As Cointelegraph initially reported, CoinEx first flagged “anomalous withdrawals” from one of its hot wallets on Sept. 12, beginning with a transfer of 4,947 Ether (ETH). The hackers then began withdrawing large amounts of other tokens to the same address.
The value of stolen funds was first estimated at $27 million but has doubled in the week following the incident.
North Korean hackers have preyed on the cryptocurrency space for the past few years and have been responsible for the largest thefts in the space to date. The 2022 Axie Infinity Ronin Bridge hack alone saw over $650 million stolen.
Blockchain analytics firm Chainalysis estimates that North Korean hackers have stolen around $340 million of cryptocurrency in 2023. This number is now expected to rise with attributions made to the CoinEx hack and a $41 million hack of cryptocurrency gambling platform Stake on Sept. 4.