The Phemex exchange attack may have been carried out by North Korean hackers, according to security experts.
Phemex lost around $70 million in cryptocurrencies as a result of a breach on January 23. According to reports, the attack appears to follow similar patterns to vulnerability attacks on other well-known cryptocurrency exchanges.
Phemex Exchange Attack: What Had Happened?
Allegedly, a security compromise at the Phemex Exchange resulted in the theft of $29 million worth of money on January 23rd. However, it seems the attack went on and additional tokens were taken.
Cyvers Alerts had claimed that the Phemex exchange hot wallet had identified more than $29 million in suspicious transactions across many chains that could have been compromised.
The claims state that these assets, which come from chains like BNB, ETH, OP, POL, BASE, and ARB, had been converted into ETH.
Earlier on Thursday, the Singapore-based exchange suspended withdrawals after receiving warnings about questionable activity from multiple blockchain security companies. At the time, about $30 million had been spent, but it seems the attack went on and additional tokens were taken.
The attackers seem to have targeted high-value assets first, such as base-layer tokens, such as by draining Bitcoin, Ethereum, and SOL early in the attack, in addition to stablecoins, as is the case with many attacks. Notably, the attackers exchanged millions of dollars in frozen USDC and USDT for ETH very fast.
Phemex Acknowledges Hack Warnings
Soon after the reports of the alleged hack went online, Phemex CEO Federico Variola wrote in response to the report on X. He stated “Hello everyone, as we look into a report on one of our hot wallets, rest assured our cold wallets remain safe and can be checked by everyone here. We will post more updates shortly.”
The security breach reports coincide with an increase in hacking, breaches, and frauds in the industry.
Crypto Hacks See Rise on A Global Level
The Phemex security issue coincides with an increase in illegal activity in the industry. The Nasdaq’s official X (formerly Twitter) account was compromised and used to promote the phony meme coin $STONKS just yesterday.
The hacker exploited the authenticity of a fake X account by labeling it as a Nasdaq affiliate and then retweeting posts to raise the memecoin’s prominence.
Compared to 2023, losses from cryptocurrency hacks have increased significantly in 2024. PeckShieldAlert estimates that the total loss from cryptocurrency breaches in 2024 was over $3.01 billion, which is nearly 15% greater than the $2.61 billion that was taken in 2023.
This amount includes $2.15 billion from cryptocurrency hacks and $834.5 million from frauds. Remarkably, almost $485.50 million of the total amount lost over the year has been recovered thus far.