CoinEx, a cryptocurrency exchange that recently fell victim to a significant breach, has extended an open invitation to the hackers responsible for the attack. The breach, which occurred on September 12, resulted in the loss of approximately $70 million worth of digital assets, a higher figure than initially reported. The identity of the perpetrators has been confirmed as the notorious North Korean-sponsored Lazarus Group.
A Lesson Learned
In a candid open letter dated September 15, CoinEx acknowledged the profound impact of the security breach on its users, citing the millions who entrust their assets to the platform. The letter appealed for a dialogue and negotiation with the hackers in an attempt to recover the stolen assets and enhance the overall security infrastructure.
The CoinEx team expressed a newfound awareness of the paramount importance of ensuring robust asset security on the platform. They emphasized their desire to address the concerns and frustrations of affected users, acknowledging the far-reaching consequences of the breach.
A Generous Offer
CoinEx went further by extending a remarkable offer to the hackers: a “generous bug bounty” as an incentive to return the stolen assets. This move signifies an extraordinary attempt to rectify the situation and prevent further damage. Additionally, the company pledged to work collaboratively with the attackers on future security system upgrades, underlining their commitment to fortify their defenses.
The breach was initially attributed to the Lazarus Group, a North Korean hacking collective notorious for its involvement in high-profile cyberattacks and cybercrime activities. The group’s involvement in the CoinEx hack was uncovered by on-chain investigator ZachXBT, shedding light on the sophisticated nature of the attack.
Road to Recovery
CoinEx is actively working to calculate the full extent of the financial damage incurred during the breach. While the figure of $70 million may appear substantial, the exchange is quick to stress that it represents only a small fraction of its total assets. The company is focusing on comprehensive wallet upgrades and collaborating with industry partners and peer exchanges to freeze related suspicious addresses.
Though a definitive timeline for the resumption of services has not been provided, CoinEx has indicated that withdrawals will gradually reopen following rigorous security checks. Furthermore, the exchange has assured affected users that they will be fully reimbursed for their losses, with detailed compensation plans to be unveiled in official announcements in the near future.
In a remarkable display of transparency and commitment to security, CoinEx’s unconventional approach to resolving the crisis stands as a unique chapter in the cryptocurrency industry. While the outcome of this unprecedented invitation remains uncertain, it underscores the importance of dialogue and cooperation in the ever-evolving world of digital assets and cybersecurity.