25.07.2025 08:09

A targeted phishing attack against a WOO X team member's device resulted in a significant security breach on July 24th, leading to the unauthorized withdrawal of $14 million from nine user accounts. The attacker, having gained limited access to the exchange's development environment, initiated the first fraudulent transaction at 13:50 UTC+8. Over the next two hours, a series of illicit withdrawals were executed before the breach was detected and contained at 15:40 UTC+8. While some attempted withdrawals were successfully blocked, a substantial sum was nevertheless stolen.

Although the breach was swiftly contained, the incident prompted the immediate suspension of all withdrawals as a precautionary measure. WOO X has pledged full reimbursement to every affected user. The platform remains offline for withdrawals while a comprehensive forensic audit, conducted with the assistance of external security experts and other cryptocurrency exchanges, is underway. This thorough investigation aims to prevent future vulnerabilities and ensure the platform’s secure operation.

The compromised funds, initially transferred from a WOO X hot wallet, included Tether (USDT), which was subsequently converted into Ethereum (ETH) and moved to a new address. Additional transactions involving BTCB and BNB on the BNB Chain were also observed. Blockchain security firm Cyvers Alerts quickly identified over $12 million in suspicious activity linked to the WOO X incident, further highlighting the scale of the attack. WOO X, leveraging resources from internet sources, continues to actively investigate this matter and will provide updates as they become available. The exchange is committed to restoring full functionality and user confidence as rapidly as possible.