It’s not a very good week for cryptocurrency exchanges. After the US$70 million (R$340 million) attack against CoinEx, it was now the Remitano platform’s turn to suffer a hack on Thursday (14). As the company reported, the attack resulted in the theft of US$2.7 million in various cryptocurrencies, or around R$13 million in current values.
Among the cryptocurrencies stolen was an undisclosed amount of the stablecoin USDT. Upon learning of the theft, Tether, the stablecoin’s issuer, acted quickly, managing to freeze US$1.4 million. This way, hackers will not be able to move these funds, which will protect a substantial part of the assets.
Understand the attack
At around 12:45 pm on Thursday (Brasília time), one of Remitano’s online wallets, whose address is public, began sending cryptocurrencies to an unknown address. The suspicious transactions included $1.4 million worth of Tether, $208,000 worth of USDC, and ANKR tokens valued at $2,000 at the time.
Then Cyvers, a blockchain analytics platform, issued an immediate warning to the community. According to Cyvers, the transaction pattern resembled that of a hacker attack. Interestingly, hackers used the same strategy of accessing the online wallet that made the attack against CoinEx possible.
At first, Remitano was slow to issue any formal announcements about the breach. But on Friday morning (15), the exchange used its account on the social network X to confirm the attack. The publication did not reveal details about the theft, but the exchange assured that users’ funds are safe.
“Your safety is our highest priority as we always strive to maintain the highest quality standards on the Remitano platform. For now, we guarantee that your assets are still fully protected and will not be subject to any unexpected losses due to this incident,” the exchange said.
As happened in the CoinEx case, United States authorities attribute these malicious activities to the Lazarus Group, which allegedly has ties to the North Korean government. The group was involved in attacks against CoinEx and the staking platform Stake, which together caused losses of up to US$100 million.
However, Remitano did not provide further details about the attack or identify possible suspects. But given the similar mode of operation to the CoinEx case, suspicions again fall on Lazarus. The FBI has advised exchanges and cryptocurrency companies to remain vigilant and not transact with addresses associated with Lazarus.
As these attacks become more frequent, the importance of robust security protocols and swift countermeasures to protect investor assets is underlined.