
Cryptocurrency exchange Phemex experienced a significant security breach on Thursday, resulting in the theft of approximately $85 million in digital assets. The incident, initially detected at 11:30 UTC on January 23, 2025, prompted the platform to immediately suspend deposits and withdrawals.
CEO Federico Variola confirmed that while hot wallets were compromised, cold storage remained secure. The exchange swiftly implemented emergency protocols and engaged third-party security firms and law enforcement for investigation. Initial loss estimates of $29 million were revised upward, first to $69 million by PeckShield, and finally to $85 million as calculated by MetaMask’s Taylor Monahan.
In response, Phemex has implemented a new security system under close monitoring. The platform is gradually restoring withdrawal services across various cryptocurrencies and networks, including Ethereum, Solana, Arbitrum, Optimism, BSC, Polygon, and Base. Users are advised to use new deposit addresses and contact support for pending transactions.
While the perpetrators remain unidentified, such large-scale crypto heists are often attributed to North Korean hacking groups like Lazarus. Recent U.S. government reports indicate North Korean hackers were responsible for $659 million in cryptocurrency theft in 2024, with Chainalysis estimating a higher figure of $1.3 billion. The FBI recently linked the North Korean group ‘TraderTraitor’ to a $308 million hack of DDM Bitcoin in May 2024.