Australia’s Largest Crypto Exchange CoinSpot Loses $2M Plus to Hackers
Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.
Cyber attackers are still knocking on the door of crypto exchanges. The latest victim is Australia’s largest centralized exchange, CoinSpot, which has reportedly lost $2.4 million.
Funds Moved From CoinSpot’s Hot Wallet
Breaking the news to his Telegram subscribers, renowned blockchain sleuth ZachXBT announced that Australia’s largest crypto exchange by reported users had been hacked of 1,282 Ether, worth roughly $2.4 million in current market conditions.
The digital funds were stolen from the Bitcoin exchange’s hot wallet.
#PeckShieldAlert ZachXBT @zachxbt has reposted that #CoinSpot wallets appear to be drained ~$2M worth of $ETH (~1,282 ETH)
The presumed attacker 0x326d…89B8 has bridged ~831 $ETH for 41 $BTC via #Thorchain and swapped 451 $ETH for 24 $WBTC pic.twitter.com/CbbBKbn80f— PeckShieldAlert (@PeckShieldAlert) November 9, 2023
ZachXBT went on to detail how the theft was carried out. Allegedly, the hacker executed two transactions, all leading to a crypto wallet created for that unique process.
Thereafter, the funds were transferred to the Bitcoin network using decentralized exchanges (DEXes) ThorChain and Wan Bridge.
Corroborating the story, renowned blockchain security firm Certik stated that suspicious transfers were made from 2 CoinSpot hot wallets, leading to the reported loss.
We are seeing reports of suspicious transfers from @coinspotau hot wallets.
In total 1,282 ETH was transferred to EOA 0x326 from 2 CoinSpot wallets pic.twitter.com/E7kzKlbEaO
— CertiK Alert (@CertiKAlert) November 8, 2023
Giving an idea of the tactics the cyber attacker employed, Certik stated that it could have been a result of a “probable private key compromise” of the exchange’s hot wallets.
To hide his criminal activity, the hacker swapped 450 Ether of the stolen funds for 24 Wrapped Bitcoin (WBTC) using the UniSwap DEX platform and then transferred to Wan Bridge.
Next, the attacker swapped 831 Ether for Bitcoin using the ThorChain platform, distributing the newly converted Bitcoin to another set of four crypto wallet addresses.
Further investigation of the Bitcoin explorer search engine showed that the BTC in the four wallet addresses were transferred to several new crypto wallets.
The hacker continued transferring the illicit funds in small amounts into new wallets every couple of minutes to make it tedious to track the lost funds later in the future.
So far, CoinSpot has not made an official announcement about the malicious attack and the stolen funds. Serving 2.5 million users, CoinSpot has become a household name in the Australian landscape since its debut in 2013.
The crypto exchange offers access to 420+ crypto assets, rivaling global brands like Binance. While it has no significant global presence, the Bitcoin exchange still offers a competitive platform to trade digital assets.
Crypto Hacks Not Abating
The crypto market is known for its phenomenal surges and nerve-racking crashes. However, a third innate variable is the growing presence of cyber threat groups and actors picking up crypto cherries from poorly secured platforms.
Hitting exchanges, decentralized autonomous organizations (DAOs), unsecured crypto wallets through phishing scams, Ponzi schemes, and hundreds of other malicious tactics, cybercriminals are paying closer attention to the crypto space.
According to Immuneif’s State of Crypto Q3 report, the crypto market lost $685 million in the third quarter of 2023 to hacks and fraudulent activities. This figure is 59.9% higher than the total value of $428 million lost within the same period last year.
Providing a breakdown, Immunefi stated that the most impacted networks were Mixin and Multichain protocols, which lost a combined $326 million, accounting for 47.5% of the total losses for Q3.
The infamous Lazarus Group was also cherry-picked as the most active cyber threat group in the fast-growing Web3 ecosystem. According to Immunefi, the state-backed cybercriminal unit stole $208.6 million, accounting for 30% of the total losses recorded within that particular time frame.
The Lazarus Group is allegedly working under the directives of the North Korean government. The group of anonymous hackers has pillaged the crypto space over the last two years, making serial thefts in the emerging industry.
Their work has become noticeable that the US Department of Treasury has permanently placed them under its sanctioned lists group.
