CoinEX hacked
attack
The attack was carried out through an "injection" into the source code of a script for deploying smart contracts. The injection was hidden inside one of the dependencies in the smart contract code.
The attack was carried out through an "injection" into the source code of a script for deploying smart contracts. The injection was hidden inside one of the dependencies in the smart contract code.
As a result of the theft, various tokens were withdrawn from the smart contract, with the bulk of the stolen tokens being ANKR tokens equivalent to 7,000,000 usdt. Using various DEX, the attacker transferred the stolen tokens to BNB, losing about 1,000,000 usdt in exchange fees.
As a result of analyzing the logs and evaluating the attack, one of the project developers was found to be involved in the hack.
In the course of the investigation we managed to establish a connection with the developer
/the hacker who committed the token theft. As a result of the negotiation process with the hacker, he voluntarily returned the stolen assets (the assets were returned by the hacker to the address 0x67077FDCD4b7429b2Fae6B7fFDA860D39247C552).
Currently, a criminal case has been opened, and a decision is being made regarding the type of punishment against the hacker.
The attack was carried out through an "injection" into the source code of a script for deploying smart contracts. The injection was hidden inside one of the dependencies in the smart contract code.
As a result of the theft, various tokens were withdrawn from the smart contract, with the bulk of the stolen tokens being ANKR tokens equivalent to 7,000,000 usdt. Using various DEX, the attacker transferred the stolen tokens to BNB, losing about 1,000,000 usdt in exchange fees.
As a result of analyzing the logs and evaluating the attack, one of the project developers was found to be involved in the hack.
In the course of the investigation we managed to establish a connection with the developer
/the hacker who committed the token theft. As a result of the negotiation process with the hacker, he voluntarily returned the stolen assets (the assets were returned by the hacker to the address 0x67077FDCD4b7429b2Fae6B7fFDA860D39247C552).
Currently, a criminal case has been opened, and a decision is being made regarding the type of punishment against the hacker.
