CoinEx Published FAQ on Recent Hack, Addresses Community Concerns
A special team is thoroughly investigating the hack design and potential damage. Also, it completely reconsidered the security mechanisms of the exchange to prevent similar attacks from happening again.
CoinEx sheds light on hack investigation, withdrawals and compensation plans
Crypto exchange CoinEx released a statement regarding the Sept. 12 hack caused by one of the exchange’s hot wallets being compromised. In the first 48 hours after the attack, a number of emergency actions were taken.
First of all, CoinEx suspended all deposits and withdrawals and implemented an emergency shutdown of the hot wallet server. Then, the company transferred the remaining assets to secure cold storage and started rebuilding and deploying new wallet architecture. Secondly, CoinEx initiated rigorous investigations into the attack, led by the CoinEx wallet team and security team. Thirdly, CoinEx contacted peer exchanges to freeze related assets.
#CoinExResponseUpdate – CoinEx Team Work Progress Update
On September 16th, here’s the update on the CoinEx team’s investigation and actions regarding the hack(details in threads): pic.twitter.com/6UGGjKyBiF
— CoinEx Global (@coinexcom) September 16, 2023
CoinEx’s Founder and CEO, Haipo Yang, has also expressed his sincere regrets about the incident to affected users via his personal Twitter account. He has further pledged that the team is working diligently to promptly restore services and has reassured users that their funds will not be impacted.
Considering that users are most concerned about the restoration of withdrawal services, compensation for stolen assets, and the security plans moving forward, CoinEx released its FAQ on Sep. 15 to address these concerns one by one, aiming to provide full transparency to users.
In this FAQ, we can see that the CoinEx team is making every effort to reopen withdrawals only when it is deemed completely safe for users to access their funds.
We aim to finalize wallet upgrades next week, after which withdrawals will gradually resume in phases upon passing stringent security checks. Our team is currently focused on building and deploying an entirely new and robust wallet system to handle activities within the 211 chains and 737 assets. Once we can guarantee the safety, we will open withdrawals.
CoinEx also reassures its users that each of its product lines operates independently with its own risk control system. Therefore, the security incident that occurred in CoinEx will not impact the other product lines.
In addition to that, the team has once again reaffirmed its commitment to the previously announced 100% compensation program. While the accurate aggregated amount of the drained funds is still being calculated, the team estimates that approximately $70 million worth of various assets has been lost.
CoinEx does not reject communication with hackers
Many supporters and enthusiasts are asking about whether the identity of the attacker is known. CoinEx representatives answered that this issue remains under investigation. The exchange has noted attribution claims made by some security firms, but its core focus is to expeditiously build and deploy the new wallet architecture and restore impacted users and functions.
At the same time, the platform has opened communication channels with the hackers in hopes of proactive engagement toward a mutually agreeable resolution.
Last but not least, the team announced a plan for a major security upgrade. First, CoinEx is set to enhance security protocols and risk management systems.
Second, the frequency of vulnerability assessments will be increased and new warning mechanisms for potential attacks will be integrated. Third, the CoinEx Credit Risk Funds will be introduced to advance the platform’s response capabilities for contingencies.