On September 12, 2023, at 14:18 (UTC), Cyvers Alerts tweeted about suspicious withdrawals from CoinEx Exchange. ETH, TRON, MATIC, and more crypto assets were being moved from CoinEx's hot wallets to unknown addresses, triggering concerns of a potential hack. CoinEx promptly addressed the situation on Twitter at 17:38 on the same day. In their official statement, they revealed that their Risk Control System had detected unusual withdrawals from multiple hot wallet addresses where CoinEx stored its exchange assets. In response, the CoinEx team established a dedicated investigation team to thoroughly investigate the incident. Furthermore, they assured their users that they would provide 100% compensation for any losses incurred as a result of this security breach. On September 12, at 18:20 (UTC), CoinEx took further action by revealing the initial group of hacker wallet addresses through a Twitter announcement and sought assistance from various blockchain organizations to freeze them. The suspicious addresses are listed below: $ETH:0xce013682eddefaca8c94fe56a43a04212ebe46730x8bf8cd7F001D0584F98F53a3d82eD0bA498cC3dE0xCC1AE485b617c59a7c577C02cd07078a2bcCE4540x483D88278Cbc0C9105c4807d558E06782AEFf584 $BTC:1BHNb9UJy4cWFB5wywZkTVgoNB4JbFmswH $TRON:TP75t6owoqXxskLq6FB2R37PymNTmohq9LTPFUjxQzG88Vwynrpj2W61ZAkQ9W2QYgAQ$XRP:rpQxVcjVF2fC23r3xKyJS53jw8d5SRhZQf CoinEx disclosed the second batch of hacker addresses they identified at 2:41 on September 13: $ETH:0x2118e4432d668aCFa347ddBA0efCcc6BB04DB2970x1A61Df134d766f1e240FBFAEe79bBeCC04195f620x40cBe7580168d52b7FEC884120B31115c3F7E37E $XRP:rpQxVcjVF2fC23r3xKyJS53jw8d5SRhZQf $SOL:G3udanrxk8stVe8Se2zXmJ3QwU8GSFJMn28mTfn8t1kq $BSC:0x6953704e753C6FD70Eb6B083313089e4FC258A20 $KDA:k:a9f3672d7ad7a1e4592702d7 3b220cbc61db1fa17f89a56131d965bc03959913 $BCH:qrgxyhj8rzl4l7fgauu6q6vtu2grct4jeyrnaq2s75 $XDAG:15VY3MadZvLpXhjzFXwCUmtZcHszju6L9 CoinEx has disclosed three separate batches of hacker wallet addresses and has reached out to relevant project teams and exchanges, urging them to monitor and freeze these suspicious addresses. CoinEx users have expressed concerns as they are currently unable to withdraw funds from the exchange. However, CoinEx has reassured its users that, in the interest of asset security, withdrawals will resume once the hacker addresses are fully identified and isolated following a comprehensive review. The CoinEx team has emphasized that user assets remain secure and untouched during this process. It's important to note that hot wallets, unlike cold wallets which are kept offline and are generally more secure, are susceptible to hacking attempts. Over the past few years, there have been numerous incidents of exchange hacks and coin theft, which have raised significant concerns about blockchain security. The challenge of finding effective ways to protect against hackers remains an ongoing issue for crypto exchanges. At the time of this writing, CoinEx is still assessing the extent of the losses incurred due to this security breach. We will continue to closely monitor the situation and provide updates as soon as they become available.