North Korean Lazarus Group Linked to Recent Cyber Attack: Investigation Reveals

North Korean Hacker Group Lazarus Group Responsible for CoinEx Crypto Exchange Hack

In a shocking revelation, cybersecurity firm SlowMist and on-chain analyst ZachXBT have linked the recent CoinEx crypto exchange hack to the notorious North Korean hacker group, Lazarus Group. This connection was made based on previous hacking incidents attributed to the Lazarus Group.

On September 12, 2023, alarms were raised by CoinEx’s Risk Control System regarding irregular withdrawals from several hot wallet addresses. The exchange immediately formed an investigative team to look into the breach. Initial findings showed unauthorized transactions involving Ethereum, Tron, and Polygon. While the exact amount of the stolen funds was initially unknown, SlowMist has confirmed that approximately $55.5 million was stolen.

CoinEx has recently identified a third series of suspicious wallet addresses across various blockchains, including BSC, ARB, OP, and XLM.

To reassure its users, CoinEx has stated that the stolen funds represent only a minor portion of the exchange’s total assets. They have also promised full compensation to those affected by the breach and temporarily suspended deposit and withdrawal services for a thorough review before resuming normal operations.

SlowMist’s investigation has uncovered two hacker addresses, one on Binance Smart Chain (BSC) and the other on Polygon, both labeled as Stakecom Exploiters. Their analysis suggests a potential connection between the Alphapo Exploiter, Stake Exploiter, and CoinEx Exploiter, all pointing to the Lazarus Group.

Stake, an Australian sports betting and crypto casino service provider, experienced a similar exploit last week, resulting in a loss of up to $41.3 million. The United States Federal Bureau of Investigation (FBI) recently announced that the Lazarus Group was responsible for the Stake hack.

ZachXBT, an on-chain sleuth, has also highlighted an address connection between the recent CoinEx hack and the Stake hack. According to ZachXBT, this connection is a significant lead pointing to the Lazarus Group’s involvement.

Interestingly, the Lazarus Group has recently moved assets from the Stake hack. They transferred Binance Coin (BNB) to various ChangeNOW custodian addresses, utilizing platforms such as TransitSwap, SwftSwap, SquidRouter, and OKX-DEX. The hackers bridged assets via TransitSwap, exchanged BNB for USDT-BEP20 on PancakeSwap, and then transferred the funds to the crypto exchange MEXC.

The exploits of the Lazarus Group in the crypto space are now estimated to be in the billions of dollars. These incidents highlight the urgent need for enhanced security measures within the blockchain industry. South Korean authorities are increasing efforts to prevent North Korea from funnelling these illicit funds into illegal weapons programs.

Despite the news of the CoinEx hack, the broader crypto market remains unaffected. The total crypto market cap has risen to $1.020 trillion, facing significant resistance at $1.022 trillion.

Sources: [1], [2]


J-S Tremblay
About the author - J-S Tremblay

I've been involved in the cryptocurrency world since 2016 and trading since 2019. I started Moon and Lambo in 2021. I'm passionate about crypto and love to share my knowledge. I hate bankers and I hope that cryptocurrency will change the financial world for the better.
