Phemex

Quick Summary

On January 23, 2025, Phemex crypto exchange detected nearly $30 million in suspicious outflows from its hot wallets, prompting the
exchange to halt withdrawals and launch a security inspection. Subsequent investigations revealed additional breaches across
Bitcoin and Tron networks, bringing the estimated total loss to $37 million.




Details of the Exploit

The exploit targeted Phemex’s hot wallets across multiple blockchains, including Ethereum, BNB Chain, Polygon, Arbitrum, Base, and
Optimism. Blockchain security firm Cyvers identified 125 suspicious transactions involving digital assets such as stablecoins and
tokens, which were swiftly swapped to Ethereum to bypass freezing measures. These funds are suspected to have been laundered
through mixing services like Tornado Cash. Despite the breach, Phemex confirmed that its cold wallets remain secure. In response,
the exchange suspended withdrawals, kept trading services operational, and announced plans to bolster wallet security while
devising a compensation strategy for affected users.