It is believed that the Lazarus Group, a hacking syndicate with ties to North Korea, orchestrated the Nov. 10 breach of Poloniex’s hot wallet. Insights from a market research platform suggest that the breach could be attributed to a compromised private key.
Leakage of Private Key: A Probable Cause
Market research entity X-explore posits that the Lazarus Group, known for its association with North Korea, likely executed the recent Poloniex hack. This assessment follows the identification of tactics similar to those employed in the Stake.com breach on Sept. 4, 2023. X-explore’s conclusions were drawn from the similarities in the operational methods observed.
The news outlet CryptokenTop.com reported on Nov. 10 that the cryptocurrency exchange Poloniex, owned by Justin Sun, suffered a significant loss of approximately $114 million due to the hacking of its hot wallets. Following the breach confirmation by onchain analysts, Poloniex promptly disabled its wallet system.
X-explore, in its preliminary analysis disseminated via X (previously known as Twitter), suggested that the breach could have resulted from a leaked private key. Regarding the involvement of the Lazarus Group, X-explore explained:
Each type of token is stored in separate addresses, meaning a single address manages only one kind of token. The hackers utilized a middle address to exchange ERC-20/TRC-20 tokens on a decentralized exchange before transferring the ETH/TRX to a new address.
Subsequently, in an update on X, Sun disclosed that the Poloniex team had managed to freeze a portion of the stolen assets. He assured that the losses were within controllable limits and that the operational revenues of Poloniex were sufficient to cover these losses. However, Sun did not specify a timeline for resuming deposit and withdrawal services on the exchange.
Frequently Asked Questions (FAQs) about Poloniex Hack Analysis
Who is suspected to be behind the recent Poloniex hack?
The Lazarus Group, a North Korean hacking syndicate, is suspected to be responsible for the Nov. 10 Poloniex hot wallet breach.
What was the estimated loss from the Poloniex hack?
The estimated loss from the Poloniex hack, as reported on Nov. 10, was approximately $114 million.
What led to the suspicion of the Lazarus Group’s involvement in the Poloniex hack?
The suspicion arises from similarities in the tactics used in the Poloniex breach and those observed in the Stake.com breach on Sept. 4, 2023, which are characteristic of the Lazarus Group.
What was the probable cause of the Poloniex hot wallet breach?
A leakage of the private key is cited as the probable cause of the Poloniex hot wallet breach, as suggested by the market research platform X-explore.
What measures did Poloniex take following the wallet breach?
Poloniex temporarily disabled its wallet system immediately after the breach was confirmed and later managed to freeze some of the stolen assets.
Has Poloniex covered the losses from the hack?
Justin Sun, owner of Poloniex, claimed that the losses incurred were within manageable limits and that the exchange’s operating revenue could sufficiently cover such losses.
When will Poloniex resume deposit and withdrawal services?
As of the last update, Justin Sun has not provided a specific timeline for when Poloniex will resume its deposit and withdrawal services.