Bitcoin Forum>Economy>Marketplace>Service Discussion>Exchanges
Pages:
Author

Topic: Phemex Exchange hacked (Read 193 times)

SensitiveEyes
newbie
Activity: 10
Merit: 3
Phemex Exchange hacked
February 08, 2025, 05:49:01 PM
#24
Exchanges should understand if they keep large quantities on hot wallets their luck could run out one day. Changing the deposit addresses after the security breach was expected because there could be a connection. If Phemex learnt a lesson from the hack they will stop loading large funds on the hot wallet because hackers will be after them.

Quote from: logfiles on February 08, 2025, 03:49:27 PM
They never learn or it's always just games. So many exchanges have been hacked in the past, from a CEO disappearing with the keys to the exchange wallets to someone insiders compromising some of the wallets, but the same mistakes keep happening over and over again.
I don't know if it's just luck, but Bitmex had a unique way of executing withdrawals, and I haven't heard about them getting hacked yet.

I logged into my phemex account and most of the deposit addresses have been changed, perhaps due to the security breach.
Z-tight
legendary
Activity: 1106
Merit: 1124
Wheel of Whales 🐳
Re: Phemex Exchange hacked
February 08, 2025, 05:19:01 PM
#23
Quote from: tabas on February 05, 2025, 04:23:27 PM
If the story becomes like that, it won't be surprising anymore. There have been a lot of inside jobs that have happened from these exchanges and they don't want to reveal that if it's an actual backdoor and inside job attack or actually made by someone outside.
For a long time now a lot of people believe that many of these exchange hacks were not actually 'hacks', but inside jobs, i know that there might not be a way to prove something like this. However, with the frequency exchanges get hacked, it is easier to believe that some of it came from inside, rather than an 'outsider' exploiting a vulnerability.
Quote from: logfiles on February 08, 2025, 03:49:27 PM
I logged into my phemex account and most of the deposit addresses have been changed, perhaps due to the security breach.
Yeah it is in their announcement, they also warn that any funds sent to old deposit addresses may take time before it would be credited, because it would have to be checked manually i guess.
logfiles
copper member
Activity: 2198
Merit: 1837
Re: Phemex Exchange hacked
February 08, 2025, 03:49:27 PM
#22
Quote from: SensitiveEyes on February 08, 2025, 03:29:26 PM
The hackers have to be part of a team because NoOnes exchange was hacked about the same time as Phemex was hacked. NoOnes CEO said they are learning after admitting he should not have stored $8 million in a hot wallet. Will the others learn?

Quote from: logfiles on February 04, 2025, 06:16:00 PM
Personally, I believe this "hacker" are actually part of the team and given the huge amounts of money they have in their custody and the temptations, they usually attempt to make off with some of the funds.
They never learn or it's always just games. So many exchanges have been hacked in the past, from a CEO disappearing with the keys to the exchange wallets to someone insiders compromising some of the wallets, but the same mistakes keep happening over and over again.
I don't know if it's just luck, but Bitmex had a unique way of executing withdrawals, and I haven't heard about them getting hacked yet.

I logged into my phemex account and most of the deposit addresses have been changed, perhaps due to the security breach.
SensitiveEyes
newbie
Activity: 10
Merit: 3
Re: Phemex Exchange hacked
February 08, 2025, 03:29:26 PM
#21
The hackers have to be part of a team because NoOnes exchange was hacked about the same time as Phemex was hacked. NoOnes CEO said they are learning after admitting he should not have stored $8 million in a hot wallet. Will the others learn?

Quote from: logfiles on February 04, 2025, 06:16:00 PM
Personally, I believe this "hacker" are actually part of the team and given the huge amounts of money they have in their custody and the temptations, they usually attempt to make off with some of the funds.
tabas
hero member
Activity: 3234
Merit: 775
Top Crypto Casino
Re: Phemex Exchange hacked
February 05, 2025, 04:23:27 PM
#20
Quote from: logfiles on February 04, 2025, 06:16:00 PM
Quote from: tabas on February 03, 2025, 06:41:20 PM
So they were one of the reliable ones in terms of that, fortunately I didn't have that chance in trading there although I've heard of them already before.
Yeah.
So, initially Bitmex during their prime had attractive derivatives trading fee for market makers (-0.025%) it was actually a rebate for any market maker. So anyone who placed a limit order would get paid 0.025% once the order was executed while most exchanges like Binance would instead charge a fee. Somewhere around 0.02%.

Bitmex abandoned the fee structure, but Bybit and phemex adopted it for some time before also abandoning it as well. During that time, when they still had the attractive fee structure, I decided to use them for derivatives trading.
I was already late in using Bybit and missed that structure, anyway it won't help me though I am not a good trader. But for sure traders like you were able to benefit from that before they changed it.

Quote from: logfiles on February 04, 2025, 06:16:00 PM
Quote from: tabas on February 03, 2025, 06:41:20 PM
That's true, it looks like there's a pattern for these hacks that happens. When the hackers can't do much anymore with the bigger ones, they target the smaller ones that have got some volume and back up funds.
Personally, I believe this "hacker" are actually part of the team and given the huge amounts of money they have in their custody and the temptations, they usually attempt to make off with some of the funds.
If the story becomes like that, it won't be surprising anymore. There have been a lot of inside jobs that have happened from these exchanges and they don't want to reveal that if it's an actual backdoor and inside job attack or actually made by someone outside.
logfiles
copper member
Activity: 2198
Merit: 1837
Re: Phemex Exchange hacked
February 04, 2025, 06:16:00 PM
#19
Quote from: tabas on February 03, 2025, 06:41:20 PM
So they were one of the reliable ones in terms of that, fortunately I didn't have that chance in trading there although I've heard of them already before.
Yeah.
So, initially Bitmex during their prime had attractive derivatives trading fee for market makers (-0.025%) it was actually a rebate for any market maker. So anyone who placed a limit order would get paid 0.025% once the order was executed while most exchanges like Binance would instead charge a fee. Somewhere around 0.02%.

Bitmex abandoned the fee structure, but Bybit and phemex adopted it for some time before also abandoning it as well. During that time, when they still had the attractive fee structure, I decided to use them for derivatives trading.

Quote from: tabas on February 03, 2025, 06:41:20 PM
That's true, it looks like there's a pattern for these hacks that happens. When the hackers can't do much anymore with the bigger ones, they target the smaller ones that have got some volume and back up funds.
Personally, I believe this "hacker" are actually part of the team and given the huge amounts of money they have in their custody and the temptations, they usually attempt to make off with some of the funds.
SensitiveEyes
newbie
Activity: 10
Merit: 3
Re: Phemex Exchange hacked
February 04, 2025, 11:03:47 AM
#18
They do not have a globally popular name, I am reading about this exchange for the first time. Their hack could be down to security flaws but it does not explain why they had $100 million sitting there. If will not exit they have to form a strategy to return every last coin and token to their customers.

Quote from: EarnOnVictor on January 29, 2025, 05:10:04 AM
Security flaws everywhere. The "trading services continue as usual" annoys me the most with these centralised exchanges, how can I proudly continue trading when I know I will not be able to withdraw my money?

Well, I don't go near these lowly rated exchanges, I believe the risk is too high for me. Who knows if all these are planned work like some others did in the past? I can only wish the intending victim well at this point.
tabas
hero member
Activity: 3234
Merit: 775
Top Crypto Casino
Re: Phemex Exchange hacked
February 03, 2025, 06:41:20 PM
#17
Quote from: logfiles on February 03, 2025, 11:56:27 AM
Quote from: tabas on January 31, 2025, 10:04:48 PM
I've heard of them when they're still new and have got a lot of trading challenges and promos.
I have used it a number of times before for derivatives trading because of their fee structure and then when they changed the fees i started using it just for small trades especially after the collapse of FTX.
So they were one of the reliable ones in terms of that, fortunately I didn't have that chance in trading there although I've heard of them already before.

Quote from: logfiles on February 03, 2025, 11:56:27 AM
Quote from: tabas on January 31, 2025, 10:04:48 PM
I think this is the first time CMIIW that they've been hacked.
After the big boys got hacked. It was a matter of time before they got hacked as well.
That's true, it looks like there's a pattern for these hacks that happens. When the hackers can't do much anymore with the bigger ones, they target the smaller ones that have got some volume and back up funds.

Quote from: logfiles on February 03, 2025, 11:56:27 AM
Quote from: tabas on January 31, 2025, 10:04:48 PM
They should also change this tagline that they have on their website.

Quote from: https://phemex.com/
The Most Efficient Crypto Trading and Investment Platform
That's not going to happen, most exchanges love to boost about themselves about the things there are not even  Grin
A tagline that they have believed they were but never did it happened and will never be after this hack.
logfiles
copper member
Activity: 2198
Merit: 1837
Re: Phemex Exchange hacked
February 03, 2025, 11:56:27 AM
#16
Quote from: tabas on January 31, 2025, 10:04:48 PM
I've heard of them when they're still new and have got a lot of trading challenges and promos.
I have used it a number of times before for derivatives trading because of their fee structure and then when they changed the fees i started using it just for small trades especially after the collapse of FTX.
Quote from: tabas on January 31, 2025, 10:04:48 PM
They should also change this tagline that they have on their website.

Quote from: https://phemex.com/
The Most Efficient Crypto Trading and Investment Platform
That's not going to happen, most exchanges love to boost about themselves about the things there are not even  Grin
joniboini
legendary
Activity: 2170
Merit: 1789
Re: Phemex Exchange hacked
January 31, 2025, 11:48:51 PM
#15
Quote from: EarnOnVictor on January 29, 2025, 05:10:04 AM
Security flaws everywhere. The "trading services continue as usual" annoys me the most with these centralised exchanges, how can I proudly continue trading when I know I will not be able to withdraw my money?
Yeah, that's a weird decision although I don't recall seeing any CEX stop their services entirely because their hot wallets were accessed by scammers, except one. Even then they're not being open about it so people are just speculating that they were hacked. I guess this is one of their goals, to reduce speculation and encourage people to keep visiting their services while they fix their security holes. It's still a terrible practice since they won't be able to regain user trust just because of this. CMIIW.
tabas
hero member
Activity: 3234
Merit: 775
Top Crypto Casino
Re: Phemex Exchange hacked
January 31, 2025, 10:04:48 PM
#14
I've heard of them when they're still new and have got a lot of trading challenges and promos. I think this is the first time CMIIW that they've been hacked. It's a matter of how these exchanges have deep pockets on how they'll recover from the damage that was done to them. They should also change this tagline that they have on their website.

Quote from: https://phemex.com/
The Most Efficient Crypto Trading and Investment Platform
examplens
legendary
Activity: 3542
Merit: 3625
Crypto Swap Exchange
Re: Phemex Exchange hacked
January 31, 2025, 07:14:15 AM
#13
Quote from: dkbit98 on January 29, 2025, 04:54:47 PM
I never used Phemex and I don't know how popular they are, but I saw a warning information posted on Coingecko about Phemex temporarily suspending withdrawals due to a security breach.
I don't believe their reported trading volume of over $156 million is true, but lost hacked amount of money is significant.
It is crazy to see how centralized exchanges are getting hacked all the time, and so many people still have all their coins on exchanges. Tongue

I am also hearing about this exchange for the first time, and looking at their platform I am quite surprised that they had $100mil in their wallets. Based on some of the earlier reported hacks by exchanges, I wouldn't be surprised if it was a pretext for an exit scam.
As for the reported daily trading volume, eXch, which has become very popular, has a daily trading volume of around $25 million, which makes their $150 million unrealistic.
Z-tight
legendary
Activity: 1106
Merit: 1124
Wheel of Whales 🐳
Re: Phemex Exchange hacked
January 31, 2025, 05:49:47 AM
#12
Quote from: hugeblack on January 31, 2025, 04:33:39 AM
According to CMC[1] phemex trading volumes data, $85 million in hacks should not have caused significant damage to the platform. if this caused a problem, then they were probably lying about reserves and trading volumes.
Since the hack happened on the 23rd of this month and only a few days later withdrawals for some coins and some chains have already resumed, i guess we can say the hack did not affect them significantly. I am not saying for sure that their reported trading volume is true, but from how things are developing, they are going to recover well and fast from this security breach.

However, i hope they do better regarding security and people who still use exchanges to hold significant amount of funds should learn from another event that should make them change their mind.
hugeblack
legendary
Activity: 2772
Merit: 4110
Re: Phemex Exchange hacked
January 31, 2025, 04:33:39 AM
#11
According to CMC[1] phemex trading volumes data, $85 million in hacks should not have caused significant damage to the platform. if this caused a problem, then they were probably lying about reserves and trading volumes.

In general, if the total trading is around half a billion and daily trading is more than $130 million, then $85 million should not have been a part of hot wallet, but rather the hackers were able to access most/all hot wallets.

[1] https://coinmarketcap.com/exchanges/phemex/
Z-tight
legendary
Activity: 1106
Merit: 1124
Wheel of Whales 🐳
Re: Phemex Exchange hacked
January 30, 2025, 02:26:03 PM
#10
Quote from: Russlenat on January 30, 2025, 07:03:54 AM
Anyway, it looks like they’re back in action now, according to their latest updates. You can follow their progress here.

https://phemex.com/announcements
I have clicked this link and i didn't see anything that shows they have started allowing withdrawals again, isn't that what you meant by they are now back in action. The latest update i can see there is that they have listed a new memecoin shitcoin in their platform. Have i missed anything here?

Edit: oh, i can see now that withdrawals for BTC, usdt, usdc, etc have all resumed, sorry i missed it the first time, this is a good development for customers of this exchange.
Russlenat
hero member
Activity: 2716
Merit: 904
Re: Phemex Exchange hacked
January 30, 2025, 07:03:54 AM
#9
Quote from: dkbit98 on January 29, 2025, 04:54:47 PM
I never used Phemex and I don't know how popular they are, but I saw a warning information posted on Coingecko about Phemex temporarily suspending withdrawals due to a security breach.
I don't believe their reported trading volume of over $156 million is true, but lost hacked amount of money is significant.
It is crazy to see how centralized exchanges are getting hacked all the time, and so many people still have all their coins on exchanges. Tongue

As for the volume, that might not be entirely accurate since exchanges can manipulate trading volume to attract traders, and I think a lot of exchanges do this. Anyway, it looks like they’re back in action now, according to their latest updates. You can follow their progress here.

https://phemex.com/announcements
dkbit98
legendary
Activity: 2212
Merit: 7064
Re: Phemex Exchange hacked
January 29, 2025, 04:54:47 PM
#8
I never used Phemex and I don't know how popular they are, but I saw a warning information posted on Coingecko about Phemex temporarily suspending withdrawals due to a security breach.
I don't believe their reported trading volume of over $156 million is true, but lost hacked amount of money is significant.
It is crazy to see how centralized exchanges are getting hacked all the time, and so many people still have all their coins on exchanges. Tongue
albon
legendary
Activity: 1932
Merit: 1549
Re: Phemex Exchange hacked
January 29, 2025, 04:31:19 PM
#7
Quote from: Potato Chips on January 29, 2025, 03:50:47 PM
In their progress update from the article shared by OP, they've been slowly opening deposits and withdrawals of particular chains, as well.

Interestingly, it appears they'll be rolling out some sort of reward for their users

This is a nice gesture + can be a good PR. Though, I don't think I'd expect much of a reward. It's still nice though since hacked exchanges don't usually do it.
Yes, this is good news, indeed; in their progress updates, from January 23 to January 26, i.e. 3 days ago, they resumed withdrawals for five blockchain networks, as well as withdrawals for Bitcoin, Ethereum, Solana, and finally, USDT - USDC stablecoins on the Solana and Ethereum networks. They advised users to generate new deposit addresses instead of using their old ones.

I did not know about this exchange except through this topic, but the search engine indicates that they have nearly 5 million users. Certainly, these rewards and compensations are likely an attempt to make up for the disruption they caused by halting services, which understandably caused panic among users. It is indeed a good thing on their part and a strategy to restore trust and retain customers. However, I advise their customers to transfer their assets after withdrawing them to a hardware wallet so they do not encounter these incidents again.
Potato Chips
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
Re: Phemex Exchange hacked
January 29, 2025, 03:50:47 PM
#6
Jeez, last I heard about this, the reported loss was at $29M. I see it haa ramped up significantly as they've gotten more information.

But looking at their proof of reserves at $450M, they'd be able to compensate the loss. In their progress update from the article shared by OP, they've been slowly opening deposits and withdrawals of particular chains, as well.

Interestingly, it appears they'll be rolling out some sort of reward for their users

Quote from: https://x.com/Federico0x/status/1882790130743697433
Hello all, we are progressively restoring USDT and USDC withdrawals, all reqs will be manually reviewed by our security team, so please be patient with the queue time.
We have also taken a snapshot of all users' balances as of 12pm UTC for a reward for your support and loyalty, more on this soon.
BTC withdrawals will be enabled soon, BTC wallets were unaffected: phemex.com/proof-of-reser…

This is a nice gesture + can be a good PR. Though, I don't think I'd expect much of a reward. It's still nice though since hacked exchanges don't usually do it.
Z-tight
legendary
Activity: 1106
Merit: 1124
Wheel of Whales 🐳
Re: Phemex Exchange hacked
January 29, 2025, 08:10:54 AM
#5
I am just hearing about this exchange for the first time. Nothing new; another exchange has been hacked and customers funds has been lost. Should we say not your keys, not your coins again, will it change anything, it won't stop people from being victims when the 'next' exchange collapses. They said they are working on a compensation plan, so we'll see how that goes.
Pages:
Bitcoin Forum>Economy>Marketplace>Service Discussion>Exchanges
Jump to: