Singapore-based cryptocurrency exchange Phemex has recently faced a setback as it temporarily suspended withdrawals after a reported $37 million exploit on one of its hot wallets. The exchange made the decision on Jan. 23 to conduct an emergency inspection and enhance its wallet security measures.
The breach was first detected by Cyvers, a blockchain security firm, which flagged unusual transfers of $29 million from Phemex’s hot wallets across various blockchains such as Ethereum, Binance Smart Chain, Polygon, Optimism, Base, and Arbitrum. Subsequently, Bitcoin and Tron-based assets were also affected, bringing the total losses to approximately $37 million. The attackers quickly began swapping the stolen tokens into Ethereum to avoid detection and freezing.
Meir Dolev, Co-Founder and CTO of Cyvers, provided further details on the incident, revealing over 125 suspicious transactions involving fund transfers from Phemex’s hot wallets to new wallets on various networks. The affected tokens and stablecoins were reportedly swapped across Ethereum, Binance Smart Chain, Avalanche, Solana, and other networks.
Phemex CEO Federico Variola reassured users that the exchange’s cold wallets, where the majority of funds are stored, remain secure and verifiable. He mentioned that the platform’s trading services continue to operate normally and updates will be provided as the investigation progresses. The company is also working on a compensation plan for affected users, with more details to be announced soon.
In a statement, Phemex expressed its apologies for the disruption and emphasized its commitment to providing a seamless and trusted trading environment. The exchange, known for its leading position in the Singapore market, has recorded trading volumes exceeding $170 million in the past 24 hours and holds $442 million in user assets, according to CoinMarketCap data.
As the investigation into the exploit continues, Phemex users can expect further updates on the situation and the compensation plan being developed. The exchange remains focused on maintaining a secure and reliable platform for its users amidst the challenges posed by the recent security incident.