A significant cyberattack on the Singapore-based cryptocurrency exchange Phemex has resulted in the loss of over $70 million in digital assets. Blockchain security experts believe the incident may be linked to North Korean hackers.
The breach was detected on Thursday, prompting Phemex to suspend withdrawals after receiving alerts from security firms about unusual activity.
Initially, approximately $30 million was reported stolen, but the attack persisted, leading to further asset depletion. The company’s CEO, Federico Variola, confirmed that the exchange’s cold wallets remained intact and unaffected.
According to cybersecurity analysts, the tactics used in this attack resemble previous high-profile exploits targeting crypto exchanges.
The perpetrators swiftly transferred various tokens across multiple blockchain networks, beginning with high-value assets such as Bitcoin (BTC), Ethereum (ETH), and Solana (SOL), along with stablecoins like USDC and USDT. Since stablecoins can be frozen, the attackers quickly converted them into Ethereum before moving on to smaller, less liquid tokens.
Researchers tracking the breach noted that hundreds of different cryptocurrencies were stolen, with attackers draining even minor altcoins. The process was reportedly carried out manually rather than through automated scripts, with assets transferred to fresh addresses before being laundered through additional layers of transactions. Experts believe the scale and coordination suggest the involvement of an experienced hacking group.
A pseudonymous investigator known as SomaXBT.eth pointed to a North Korean-affiliated group as the likely culprit, noting similarities between this incident and previous attacks attributed to state-backed hackers. Another security analyst compared the breach to the attack on Japan’s DMM platform, which resulted in the theft of $308 million and was linked to the North Korean hacking group TraderTraitor.
Data from blockchain explorers shows that the attackers made at least 275 transactions across Ethereum-based chains, using multiple addresses to siphon funds from networks such as Arbitrum, Base, Polygon, Optimism, and zkSync.
Additionally, transactions were tracked across Avalanche, Binance Smart Chain, Polkadot, Solana, and Tron. A primary wallet connected to the breach handled at least $44 million in stolen funds, while notable amounts included $16 million in SOL, $12 million in XRP, and $5 million in BTC.
Despite the losses, Phemex still holds roughly $1.8 billion in assets, the majority of which are in its native PT token, followed by significant holdings in Bitcoin and USDT.
The exchange has announced that it is developing a compensation plan for affected users.
As of the latest reports, activity from the attacker’s addresses appears to have ceased, with the final recorded transactions occurring around 10:00 AM ET.