The CoinEx Hack: Lazarus Group Strikes Again

The CoinEx Hack: Lazarus Group Strikes Again


2 min read

The latest victim of the Crypto space is CoinEx, a prominent cryptocurrency exchange, which recently reported a significant security breach due to compromised private keys resulting in an estimated loss of around $54 million.

Behind the Breach

On September 12th, unusual activities on several of their hot wallets were detected. Preliminary investigations suggest that compromised private keys, which are essential for accessing and transferring digital assets, might be the root cause of the breach. In a bid to control the situation, the exchange suspended all deposits and withdrawals and shifted the remaining assets to cold storage.

The primary suspect behind this massive heist? North Korea's notorious Lazarus Group. This isn't the first time the group has been linked to high-profile cyber attacks. Their fingerprints were also found on the Stake hack, where reportedly $41M were stolen.

While the estimated losses are staggering, CoinEx has assured its users that this represents only a fraction of their total assets. The exchange has pledged to compensate all affected users fully, ensuring that their faith in the platform remains unshaken.

Lessons from the Incident

The CoinEx hack underscores the persistent threat that state-sponsored hacking groups pose to the blockchain ecosystem. The involvement of North Korea's Lazarus Group in this breach highlights the lengths to which these groups will go to exploit vulnerabilities in cryptocurrency platforms. As these state-backed entities continue to refine their tactics, it becomes crucial for exchanges like CoinEx and the broader crypto community to remain vigilant, constantly updating and fortifying their security measures.

Rivanorth is a global boutique Web3 cybersecurity company. We specialise in smart contract audits and blockchain security advisory. Visit to find out more.

You build the future. We help you secure it.