Singapore-based cryptocurrency exchange Phemex has suffered a security breach, with approximately $29–$31 million siphoned from one of its hot wallets. The platform has suspended withdrawals as a precaution while investigations continue.
Details of the Hack
The breach was first flagged by crypto security firm Cyvers, which identified unusual transactions originating from the Phemex hot wallet. Blockchain analytics platform Lookonchain later confirmed the stolen assets, which include:
- 3.48M USDC
- 3.42M USDT
- 841 ETH ($2.7M)
- 110,701 LINK ($2.69M)
- 142B PEPE ($2.12M)
- 1.19M FET ($1.45M)
- 29,509 AVAX ($1.04M)
Phemex’s Response
Phemex CEO Federico Variola addressed the incident on social media, reassuring users that the exchange’s cold wallets remain secure and transparent. He stated:
“As we look into a report on one of our hot wallets, rest assured our cold wallets remain safe and can be checked by everyone here. More updates will be posted shortly.”
Current Status
- Withdrawals Suspended: A temporary measure to safeguard user funds.
- Trading Operational: Other platform services remain unaffected.
- Compensation Plan: Phemex is preparing a compensation strategy for affected users.
Phemex has emphasized its commitment to transparency, highlighting its history as the first exchange to publish proof-of-reserves and proof-of-solvency. Users can independently verify the safety of the platform’s cold wallets through its proof-of-reserves system.
Next Steps
The exchange is actively investigating the breach and working on strengthening its security measures. Further updates and details on user compensation will be provided as the situation develops.
