North Korea Steals $54M from CoinEx; Lazarus Group Strikes Again

Last Updated:
  • North Korea is responsible for attacking the crypto exchange CoinEx and stealing $54 million.
  • ZachXBT shared the news and linked the hack to the previous $41 million Stake hack.
  • CoinEx identified the suspicious wallets and shared them on X.

North Korea is allegedly responsible for attacking the crypto exchange CoinEx and stealing $54 million. ZachXBT, an on-chain detective, shared the news on X (Twitter). The hackers were also responsible for the $41 million Stake hack after they accidentally connected their addresses on OP and Polygon.

Lazarus Group is a cybercrime organization run by the North Korean government and is allegedly responsible for the recent CoinEx hack. Not much is known about the group, but they have been linked to many crypto scams.

On September 12, CoinEx shared that there had been anomalous withdrawals from several hot wallet addresses that were used to store CoinEx’s exchange assets. Moreover, the exchange suspended all withdrawals and deposits.

CoinEx identified and shared the “suspicious” wallet addresses linked to the hack. The number of wallet addresses is over 20, and the stolen funds were withdrawn from many blockchains, such as Ethereum, Bitcoin, Tron, BNB Chain, Polygon, Arbitrum, and more.

In addition to exploiting CoinEx, Lazarus Group is also responsible for hacking gambling platform Stake, according to SlowMist, a blockchain security company. “CoinEx exploiter, Stake exploiter, and Alphabo exploiter may all have ties to the North Korean hackers known as Lazarus Group,” Slowmist reported.

On September 4, Stake lost $41 million worth of crypto as a result of the hack. After that, the company resumed all services and offered user compensation distribution to all Stake users.

ZachXBT previously shared that Lazarus Group hackers stole up to $290 million worth of crypto from previous hacks.

The majority of the crypto community responded to ZachXBT’s tweets by expressing confusion about how it can be guaranteed that the Lazarus Group is from North Korea. Others showed sarcasm, and one user said, “North Korea is running out of money, so they resorted to hacking.”