In the midst of a challenging year for crypto exchanges, Remitano, a centralized exchange, fell prey to a hack on September 14, 2023, losing nearly $2.7 million in digital currencies.
The breach unfolded at around 12:45 PM on Thursday when an unidentified address with no transaction history began receiving funds from one of the exchange’s hot wallets. Cyvers, a blockchain analytics firm, swiftly identified these suspicious transactions and promptly alerted the crypto community.
The attacker managed to siphon off a total of $2.7 million in digital assets, comprising $1.4 million in Tether USDT, $208,000 in USD Coin (USDC), and $2,000 in Ankr tokens. Notably, Tether promptly intervened by freezing the alleged hacker’s address, safeguarding approximately $1.4 million worth of USDT before any further transactions or conversion of the stolen funds could occur.
U.S. authorities are attributing this incident to the Lazarus Group, a cybercrime organization based in Korea believed to be operating in tandem with the North Korean government. This group has been linked to several hacks in 2023.
Remitano, a peer-to-peer centralized crypto exchange and payment processor, specializes in serving emerging markets, including Pakistan, Ghana, Venezuela, Vietnam, South Africa, and Nigeria. As of now, the exchange has not issued any official statement regarding the alleged hack.
The Lazarus Group has been responsible for some of the most significant hacks in 2023, amassing nearly $200 million in ill-gotten gains, constituting around 20% of all crypto hacks this year.
On September 4, 2023, the group targeted the prominent crypto casino Stake, making off with over $41 million in digital assets. Despite the breach, Stake resumed operations shortly thereafter, assuring users that their funds were secure.
Then, on September 12, 2023, CoinEx fell victim to a massive hack believed to be orchestrated by the Lazarus Group. Cyvers warned the crypto firm to halt all withdrawals and deposits upon detecting multiple suspicious transactions, but the response came too late. The group absconded with over $27 million in crypto assets, with subsequent reports indicating the actual amount exceeded $55 million.
Following the Stake incident, the Federal Bureau of Investigation (FBI) disclosed several addresses associated with the group and advised crypto exchanges to refrain from transactions involving these addresses.
Since its inception in 2009, the Lazarus Group is said to have stolen over $2.3 billion in crypto assets. The group gained notoriety for its 2014 hack of Sony Pictures Entertainment, which resulted in over $35 million in IT repair costs.