Phemex, a prominent cryptocurrency exchange, suffered a devastating security breach on Thursday, resulting in the theft of over $85 million worth of cryptocurrency.
The company quickly responded by suspending deposits and withdrawals while sharing proof of reserves to maintain transparency.
According to Phemex CEO Federico Variola, the breach was limited to the exchange’s hot wallets, with cold wallets remaining unaffected. “On January 23, 2025, at 11:30 UTC, we noticed unusual activity in our hot wallet,” stated the announcement on the Phemex website. Immediate actions were taken, including activating emergency response protocols, isolating affected devices, and notifying law enforcement and third-party security firms to mitigate further risks.
To ensure security, withdrawals have been temporarily suspended while we conduct an emergency inspection and strengthen wallet services. We sincerely apologize for the inconvenience. Withdrawals will be restored soon.
— Phemex (@Phemex_official) January 23, 2025
Phemex and the development team apologize for the disruption.… https://t.co/Gsqp2Fx7HP
Initial estimates pegged the stolen funds at $29 million. However, security firm PeckShield later revised the figure to $69 million. By Sunday, MetaMask’s Taylor Monahan confirmed the stolen amount had surged to at least $85 million. In response, Phemex has implemented a more secure system that is closely monitored by cybersecurity experts. Gradual restoration of withdrawal services has begun, with popular assets like ETH, USDT, and USDC on Ethereum operational since Friday. Other networks, including Solana, Arbitrum, and Polygon, have followed suit.
Users are advised not to use old deposit addresses to avoid delays, and pending deposits should be reported to customer support. While large-scale crypto heists are often attributed to North Korean hacker groups such as Lazarus, Phemex has not disclosed any attribution details. For now, the identity of the attackers behind this massive breach remains unknown.
