CoinEx cryptocurrency exchange has reached out to the perpetrators, identified as the infamous Lazarus Group, and proposed negotiations. The exchange is also offering a substantial bounty reward in exchange for the return of stolen assets.
CoinEx, which fell victim to the audacious hack on September 12, initially estimated the loss at around $55 million. However, as investigations progressed, the exchange revised the figure to approximately $70 million, revealing the extent of the attack was more severe than previously thought. Nevertheless, CoinEx reassured its users that this constituted only a small portion of its overall assets.
CoinEx Offers Generous Bug Bounty
In an open letter addressed directly to the hackers on September 15, the exchange acknowledged the gravity of the situation. To sweeten the deal, CoinEx has extended a “generous bug bounty” proposal to the hackers if they decide to return the stolen assets. This gesture is seen as an attempt to encourage cooperation and facilitate the safe recovery of the cryptocurrency.
CoinEx has also committed to enhancing its security infrastructure to prevent future breaches. In an unprecedented move, the exchange invited the attackers to collaborate on improving its security system for the benefit of all users.
ZachXBT Identifies Lazarus Group as Hackers
The identity of the hackers was unveiled by on-chain investigator ZachXBT, who confirmed the involvement of the notorious North Korean-sponsored Lazarus Group. This revelation sheds light on the increasing sophistication of cybercriminals targeting cryptocurrency exchanges.
In response to the breach, the exchange temporarily suspended all deposits and withdrawals, initiating a comprehensive investigation to assess the extent of the damage. While the exchange did not specify a resumption date for its services, it affirmed that withdrawals would gradually reopen following rigorous security assessments.
CoinEx is also gearing up to implement wallet upgrades in the upcoming week. Additionally, the exchange has committed to fully reimbursing affected users, demonstrating its dedication to safeguarding the interests of its valued customers.