Phemex Cryptocurrency Exchange Suffers $85 Million Cyberattack

Overview of the Cyberattack

Singapore-based cryptocurrency exchange Phemex has been targeted in a major cyberattack, leading to the theft of over $85 million worth of digital assets. The breach, initially detected on January 23, 2025, involved suspicious transactions across multiple blockchains.

At first, Phemex estimated the losses at $29 million, but as more fraudulent transactions surfaced, the total damage escalated to over $85 million across 16 different blockchains.

Immediate Response and Security Measures

Upon discovering the breach, Phemex took swift action to limit further losses and investigate the incident. The company suspended deposits and withdrawals for most chains and temporarily halted Bitcoin (BTC) and Ethereum (ETH) withdrawals to prevent further unauthorized transactions.

Additionally, Phemex released a Proof of Reserves (POR), ensuring transparency regarding the status of user funds and the exchange’s overall liquidity.

The affected systems were identified and isolated, and Phemex sought assistance from third-party security firms and law enforcement agencies to further investigate and mitigate the threat.

Restoring Operations and Security Enhancements

Over the weekend, Phemex gradually resumed withdrawals, although deposit addresses were updated as part of enhanced security measures. Users were advised that transactions sent to old deposit addresses would require manual review and approval, potentially causing delays.

The company reassured its users that the new system was live and under continuous monitoring by cybersecurity specialists, with significant security upgrades to prevent future breaches.

Compensation and Ongoing Investigation

On Thursday, Phemex addressed the community on X (formerly Twitter), confirming that a compensation plan was in the works and would be announced soon. Trading services, however, remained fully operational throughout the incident.

CEO Federico Variola later commented that the attack was carried out by a highly sophisticated threat actor, though no specific hacker group has been identified or publicly attributed to the breach.

The Growing Threat of Crypto Exchange Attacks

The cyberattack on Phemex underscores the increasing security challenges faced by cryptocurrency exchanges. In recent years, threat actors—ranging from state-sponsored hacking groups to independent cybercriminal syndicates—have continuously targeted crypto platforms to exploit vulnerabilities and steal user funds.

The Phemex breach serves as a reminder that even well-established exchanges with security measures in place remain attractive targets for cybercriminals.

Steps for Crypto Users to Enhance Security

In light of these threats, crypto traders and investors should take proactive steps to secure their assets:

• Enable Two-Factor Authentication (2FA) on all exchange accounts.

• Use hardware wallets for long-term crypto storage instead of keeping large balances on exchanges.

• Monitor withdrawal activity and set up alerts for suspicious transactions.

• Regularly update passwords and avoid reusing them across different platforms.

• Be cautious of phishing attempts that mimic official exchange communications.

As cryptocurrency adoption grows, security best practices must evolve alongside new threats. Exchanges like Phemex continue to improve their security infrastructure, but users must also remain vigilant to protect their assets from potential breaches.

The full details of the Phemex compensation plan are expected to be released soon, and the investigation into the attack remains ongoing.