CoinEx exchange suspected of being hacked as $27M worth of crypto moved

September 12, 2023 Coin Telegraph

CoinEx exchange suspected of being hacked as M worth of crypto moved

A CoinEx hot wallet transferred $27.8 million of various tokens to a wallet with no previous history, leading experts to suspect a cyberattack.

On Sept. 12, crypto exchange CoinEx experienced abnormally large outflows to an address with no prior history, leading security experts to suspect the exchange was hacked. Blockchain security platform Cyvers Alerts has estimated the losses to be approximately $27 million.

Red CodeOur AI-powered model detected suspicious transactions related to @coinexcom 2 hours ago

The potentially stolen funds amount to $18.12M #Eth $8.5M #Tron and $291K in #Polygon

Possible causes: access control violations, private key leakage, rug pulling, insider job https://t.co/Wzw84azM9M pic.twitter.com/2bqHmE18Sr
— Cyvers Alerts (@CyversAlerts) September 12, 2023

At approximately 1:21 p.m. UTC on Sept. 12, a known CoinEx hot wallet transferred around 4,947 Ether (ETH), worth $7.9 million at the time, to Ethereum account 0x8bf8cd7F001D0584F98F53a3d82eD0bA498cC3dE. The receiving account had no prior history before this transaction.

Immediately after this transaction, the CoinEx hot wallet began transferring large amounts of tokens to the same address. Approximately 408,741 DAI stablecoin, 2.7 million Graph (GRT) tokens, 29,158 Uniswap (UNI) tokens, and many other tokens were transferred from the wallet.

Blockchain security firm PeckShield reported the outflow as “suspicious.” CryptoQuant head of research Julio Moreno also claimed that the behavior of the CoinEx wallet was "strange" as Ether reserves "are now basically zero ETH."

At the time of publication, Coinx has not made a public statement about the incident.

This is a developing story, and further information will be added as it becomes available.

Darknet Market Solaris Hacked by Competitor, Elliptic Reveals

January 22, 2023 Bitcoin.com

Bitcoin Mining Pool Btc.com Suffers $3 Million Cyberattack

December 27, 2022 Bitcoin.com

Bitcoin.org owner reports site hit with ‘absolutely massive’ DDoS attack

July 5, 2021 Coin Telegraph

bitcoin.org

The attack comes just one week after a U.K. court ordered the website to stop hosting the Bitcoin white paper.

A website aiming to support the development of Bitcoin has reportedly been hit with a DDoS attack.

Cøbra, the pseudonymous owner of Bitcoin.org, reported on Twitter today that the website had been hit with an “absolutely massive” distributed denial of service, or DDoS, attack along with a ransom demand for an undisclosed amount of Bitcoin (BTC). At time of publication, Bitcoin.org is still accessible.

“Back in the day you could put up a reasonable fight against most DDoS attacks,” said Cøbra. “Now they just down you at will. There is no ‘fight’ anymore, you go down and stay down until they leave you alone.”

https://t.co/OsFgRFRRZb getting hit with an absolutely massive DDoS attack and a ransom demand to send Bitcoin or they'll continue.

I don't think I've been this offended in a while. Ungrateful scum.
— Cøbra (@CobraBitcoin) July 5, 2021

While DDoS attacks have previously targeted major crypto exchanges, it seems somewhat unusual for attackers to go after a site like Bitcoin.org, which holds no information about funds or users, only open-source information on the BTC blockchain and the cryptocurrency. The website was the target of a similar DDoS attack in December, which resulted in users being unable to access the Bitcoin Core software for a few hours.

Last year, major DDoS attacks targeted Binance, OKEx and Bitfinex. At the time, CEO Changpeng Zhao claimed that the attack on Binance was undertaken by its competitors in an attempt to harm its reputation rather than steal funds.

This isn’t the first time the website has been in the news in recent weeks. Bitcoin.org has also been the target of legal threats from Craig Wright, the man who claims he created Bitcoin. Last week, a U.K. court ruled in favor of Wright claiming copyright infringement against Bitcoin.org for hosting the Bitcoin white paper — Cøbra did not mount a defense to the lawsuit.

"I didn’t show up because defending against nonsense is a waste of time,” the Bitcoin.org owner said at the time.

Following the court ruling, Bitcoin.org blocked access to download the Bitcoin Core software for any user with a U.K.-based IP address. The project has also removed any links to the Bitcoin white paper.

Hotbit crypto exchange shuts down for maintenance after attempted hack

April 30, 2021 Coin Telegraph

Coin Telegraph

The Chinese crypto exchange says funds are “SAFU” and that the emergency maintenance could take up to two weeks.

Cryptocurrency exchange platform Hotbit has shut down all of its services after an attempted cyberattack on Thursday.

“Hotbit just suffered a serious cyber-attack starting around 08:00 PM UTC, April 29, 2021, which led to the paralyzation of a number of some basic services,” a notice on the platform’s website reads.

The hackers were reportedly unsuccessful in gaining access to Hotbit’s wallets but did manage to compromise the platform’s user database. Thus, the Hotbit team has advised customers to disregard any communication from entities claiming to be representatives of the exchange.

With all normal operations currently paused during the ongoing maintenance, Hotbit also revealed that pending trading orders are canceled to prevent losses. Also, the exchange promised to bear any losses stemming from exchange-traded funds listed on its platform during the duration of the maintenance.

According to the Hotbit announcement, the maintenance will last for at least seven days with reports that the investigation and system upgrade could take as long as two weeks.

Addressing users on the exchange’s Telegram group, Alex Zhou, chief security officer of Hotbit, revealed that user funds were unaffected by the attack, stating: “The attacker tried to break into the wallet server to steal funds but the action was identified and blocked successfully by Hotbit risk control system. All users’ funds are safe.”

“At the same time, Hotbit is in the process of transferring all funds in hot wallet to cold wallet, the details of the whole integration could be seen on the chain,” he said.

Indeed, data from Ethereum transaction monitoring tool Etherscan shows multiple token outflows from one of Hotbit’s known wallets to another address that currently holds about $14 million in several altcoins.

However, the length of time given for the maintenance is causing significant unrest among Hotbit users judging by comments on social media and in the platform’s Telegram channel.

Fears over the incident being an exit scam by the Hotbit team are palpable. Earlier in April, two major exchanges in Turkey went offline, with their executives fleeing with millions of dollars in user funds. Both incidents have led to sweeping arrests by law enforcement agencies as well as plans by the government to establish a central custodian bank for cryptocurrency exchanges in Turkey.

cyberattack

Share this video