Exploits and hacks in crypto

Exploits and hacks have been an issue since the beginning of the internet, but web3, more often than not, involves finances, and that adds a whole new layer of vulnerability. High-profile users and businesses are a major target, and the recent hack on 9/12 of Hong Kong-based exchange CoinEx for $70 million is a reminder of how many bad actors are out there and how often they target people. CoinEx founder and CEO Haipo Yang tweeted about the incident afterward, pledging that users won't be affected financially.


CoinEx isn't the only recent victim, unfortunately. Stake was hacked recently as well, believed to be by the same group, which got away with $40 million. Then within the last few days, HMX (formerly Huobi) reported a hack, losing almost $8 million, and now today, Hong Kong-based Mixin reported a hack for $200 million, though it's not certain yet whether it's the same group.

The group that has been responsible for several of these cryptocurrency hacks is known as the Lazarus group. They are a high-profile criminal organization attached to North Korea that has been linked to hacks as far back as 2007, from what I could find, with a malware attack known as Operation Flame against the South Korean government. This is the same group that carried out the major Sony attack in 2014 and the malware known as WannaCry, which really brought their name into the focus of the world.

List of known attacks from Lazarus group

  • Operation Troy (2009)
  • South Korean attack "Ten Days of Rain" (2013)
  • Sony breach (2014)
  • Operation Blockbuster (2016)
  • Bangladesh bank heist (2016)
  • WannaCry ransomware attack (2017)
  • Bithumb/NiceHash/Coinlink/Youbit (2018)
  • ElectricFish (2019)
  • AstraZeneca hack (2020)
  • Attempts at Google and Microsoft users via social engineering (2021)
  • Axie Infinity (2022)
  • Horizen HarmonyOne Bridge (2022)
  • AlphaGo, CoinsPaid, AtomicWallet, Stake, CoinEx (2023)

This isn't a comprehensive list, though, because depending on the source you use, you can find more attacks attributed to them, such as this report here, as well as the Chainalysis report into the sanctions taken against them and their money laundering process. Those give you a much deeper look into the organization as well.

An interesting thing about this group is that for as many hacks and exploits as they've been responsible for, it's not even clear whether these are international hackers hired by North Korea or North Korean cyber soldiers. It's also not known exactly how the attacks were carried out, but it seems that for Stake and CoinEx, their seed phrases were somehow compromised. As of September 14, 2023, a lowball estimate puts the value of stolen cryptocurrency at almost $4 billion from 2023 alone. This is a massive problem affecting the crypto community as a whole: users and companies alike, with a negative influence on regulatory processes and public perception. It's all bad, but there really isn't a whole lot that can be done beyond following best security practices and protecting your accounts. These kinds of hacks and exploits make the case for using a hard wallet or some kind of offline device much stronger! Maybe not for your day-to-day activities if you're extremely active in crypto, but at the very least for your long-term bag, though it's still not foolproof; nothing online is.

Heller! Was never much of a writer but decided to try my hand at blogging regularly about things I'm interested in like crypto, web3, trading, programming, linux, open source, cyber security and just general ramblings lol. Follow me @comosaycomosah 🙏

Cryptocurrency and opensource

Exploring free and open source products in the cryptocurrency space.