bitcoin
Bitcoin (BITCOIN)
$95,844 0.22%
ethereum
Ethereum (ETHEREUM)
$2,693 0.12%
binancecoin
BNB (BINANCECOIN)
$650.41 -0.29%
solana
Solana (SOLANA)
$168.82 1.17%
ripple
XRP (RIPPLE)
$2.59 0.36%
shiba-inu
Shiba Inu (SHIBA-INU)
$0.000015 0.34%
pepe
Pepe (PEPE)
$0.000009 -1.32%
bonk
Bonk (BONK)
$0.000016 0.08%
bitcoin
Bitcoin (BITCOIN)
$95,844 0.22%
ethereum
Ethereum (ETHEREUM)
$2,693 0.12%
binancecoin
BNB (BINANCECOIN)
$650.41 -0.29%
solana
Solana (SOLANA)
$168.82 1.17%
ripple
XRP (RIPPLE)
$2.59 0.36%
shiba-inu
Shiba Inu (SHIBA-INU)
$0.000015 0.34%
pepe
Pepe (PEPE)
$0.000009 -1.32%
bonk
Bonk (BONK)
$0.000016 0.08%
bitcoin
Bitcoin (BITCOIN)
$95,844 0.22%
ethereum
Ethereum (ETHEREUM)
$2,693 0.12%
binancecoin
BNB (BINANCECOIN)
$650.41 -0.29%
solana
Solana (SOLANA)
$168.82 1.17%
ripple
XRP (RIPPLE)
$2.59 0.36%
shiba-inu
Shiba Inu (SHIBA-INU)
$0.000015 0.34%
pepe
Pepe (PEPE)
$0.000009 -1.32%
bonk
Bonk (BONK)
$0.000016 0.08%
Disclosure
Cryptocurrency trading is speculative and your capital is at risk when you trade. We may earn affiliate commissions from some of the products on this page - at no extra cost to you.
Hackers Target Phemex Hot Wallets, Steal Ethereum and Other Assets

Highlights:

  • Phemex lost $70 million through a cyberattack by the North Korean hackers targeting hot wallets.
  • Phemex has assured users that the cold wallets are safe and withdrawals will resume soon.
  • The timing enabled the attackers to blend their transactions into normal trading activity.

Phemex, a cryptocurrency exchange based in Singapore lost more than $70 million in their security breach on January 23. Blockchain analytics firm PeckShield has noted that the exploit targeted the exchange’s hot wallets across multiple blockchain networks. Several major cryptocurrencies were impacted in the attack causing substantial financial loss.

Advertisement

Banner

The hackers were able to drain up to $20 million worth of ETH and stablecoins. They got away with XRP worth $13 million and Solana worth $17 million. The attackers targeted stablecoins such as Tether and USD Coins. They immediately converted the stablecoins to Ethereum. They used the tactic to avoid redlisting mechanisms and increase liquidity for the stolen assets.

The multi-chain nature of the attack demonstrated the attackers’ technical expertise. Hacken analysts suggest that the culprits might be linked to North Korea. The incident is one of the biggest cryptocurrency hacks of 2025 to date.

Actions Taken After the Security Breach

After the breach, Phemex made every effort to protect other assets. Security firms flagged unusual activity, and the exchange suspended withdrawals immediately. Phemex CEO Federico Variola tweeted reassurance on X that the cold wallets were secure and that users could check them.

Phemex will execute its withdrawal service restoration through sequential deployment phases. On Jan 24, Variola announced the resumption of limited USDT and USDC withdrawal options. Users must submit withdrawal requests on the platform, which are then manually checked by staff for security.

Phemex solved the issues that customers had. Through the company’s official website, users can check the safety status of their assets. The company apologized for interrupting withdrawals and promised to share the details of the compensation plan soon.

Details of the Phemex Hack and Ongoing Investigation

The hackers used advanced techniques to target wallets on multiple blockchain networks. Moreover, Security logs show that the attackers found ways to consolidate the stolen assets and quickly convert them to Ethereum.

The investigations into the breach indicate that the attackers used automated scripts to help speed up the process of transfer and conversion of the assets. This tactic makes it hard for the platform to freeze or recover the stolen assets. Phemex has not revealed the exact technical details of how the exploit occurred. The exchange has assured the customers that it is working with blockchain security firms to trace the funds.

The attack happened during peak Asian trading hours, which might have delayed its initial detection. The timing enabled the attackers to blend their transactions into normal trading activity. The technical expertise behind the approach and rapid asset consolidation indicates that experts made the hack.

Meanwhile, blockchain security firms have collaborated to identify if the stolen funds have appeared on other exchanges or services. These efforts may help recover and limit the impact of the hack.

eToro Platform

Best Crypto Exchange

  • Over 90 top cryptos to trade
  • Regulated by top-tier entities
  • User-friendly trading app
  • 30+ million users
9.9

5 Stars

eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong.

Advertisement

Banner

Advertisement

Banner

Advertisement

Banner