CoinEx, a cryptocurrency exchange platform, has recently experienced a security breach, raising concerns among its users and the wider crypto community. In this article, we will delve into the details of the incident, exploring the impact, potential causes, and the response from CoinEx.
According to official reports from September 12, CoinEx detected a security incident that involved unusual withdrawals from its hot wallets, where exchange funds are stored. The unauthorized transactions primarily targeted Ethereum (ETH), TRON (TRX), and Polygon (MATIC). Additionally, it appears that an XRP address was also affected. While CoinEx has not yet determined the exact value of the losses, it emphasized that the affected amount is relatively small compared to its total assets.
In an attempt to reassure its users, CoinEx issued a tweet stating that their assets are secure and untouched. The exchange also promised 100% compensation for any losses incurred due to the breach. As part of the security measures, CoinEx temporarily suspended deposit and withdrawal services, which will resume after a thorough review of the incident.
Cyvers Alerts, an independent security firm, initially discovered the security breach. Deddy Lavid, the CEO of Cyvers Alerts, revealed that his firm had made significant efforts to contact CoinEx executives. However, it appears that CoinEx did not respond adequately, prompting Lavid to urge the exchange to establish communication for further information regarding the threat.
Cyvers Alerts estimated that the attack resulted in approximately $27 million worth of cryptocurrency being compromised. This included $18.12 million of ETH, $8.5 million of TRX, and $291,000 of MATIC. The firm also noted the involvement of several other ERC-20 tokens in the attack. Cyvers Alerts suggested several plausible causes for the incident, such as accidental leakage of address private keys, access control violations, or even deliberate wrongdoing like a “rug pull” or an inside job.
The security breach at CoinEx holds significance as the exchange is considered moderately sized, with a daily trading volume of $29.7 million as of September 12. It is worth noting that CoinEx withdrew from the U.S. market in February, citing changes in U.S. regulations and regulatory scrutiny in New York State as contributing factors to its decision.
The security breach at CoinEx raises serious concerns about the safety and integrity of cryptocurrency exchanges. While CoinEx has taken immediate steps to address the situation, compensating affected users and suspending deposit and withdrawal services, the incident serves as a reminder for all investors to exercise caution when entrusting their assets to third-party platforms. As the crypto space continues to evolve, it becomes imperative for exchanges to enhance their security measures and for users to remain vigilant in protecting their investments.