{"id":5747,"date":"2025-07-25T04:29:15","date_gmt":"2025-07-25T04:29:15","guid":{"rendered":"https:\/\/bitunikey.com\/news\/14m-woo-x-exploit-tied-to-targeted-phishing-attack-of-team-members-device\/"},"modified":"2025-07-25T04:29:19","modified_gmt":"2025-07-25T04:29:19","slug":"14m-woo-x-exploit-tied-to-targeted-phishing-attack-of-team-members-device","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/14m-woo-x-exploit-tied-to-targeted-phishing-attack-of-team-members-device\/","title":{"rendered":"$14M WOO X exploit tied to targeted phishing attack of team member\u2019s device"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Crypto exchange WOO X reported a security breach on July 24 that resulted in unauthorized withdrawals totaling $14 million across nine user accounts.\u00a0<\/p>\n<div id=\"cn-block-summary-block_2153dbce667cc09f4760aecb62e324aa\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>WOO X exploit has been linked to a phishing-based attack targeting its dev environment.<\/li>\n<li>9 user accounts were affected; all losses will be reimbursed.<\/li>\n<li>The platform remains offline for withdrawals pending a security audit.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>The company said in a July 24 <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/support.woox.io\/hc\/en-us\/articles\/49178783818777-Temporary-withdrawal-suspension-July-24-2025\" target=\"_blank\">statement<\/a> that the exploit stemmed from a team member\u2019s device being compromised in a targeted phishing attack. This allowed the attacker limited access to the exchange\u2019s development environment.<\/p>\n<p>The first malicious withdrawal was initiated at 13:50 UTC+8, and over the course of the following two hours, more transactions took place. By 15:40 UTC+8, the problem had been identified and contained. While some attempted withdrawals were stopped in time, $14 million was successfully drained before the breach was stopped.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">We&#8217;re currently investigating a contained incident that occurred on WOO X earlier today<\/p>\n<p>While user funds and trading are unaffected, withdrawals have been temporarily paused while we complete the investigation.<\/p>\n<p>Stay tuned to this account for updates:  <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/t.co\/qWc9cDhn2z\" target=\"_blank\">https:\/\/t.co\/qWc9cDhn2z<\/a><\/p>\n<p>\u2014 WOO X (@_WOO_X) <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/_WOO_X\/status\/1948400223761342920?ref_src=twsrc%5Etfw\" target=\"_blank\">July 24, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n<p>    <!-- .cn-block-related-link --><\/p>\n<p>Blockchain security firm Cyvers Alerts <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/cyversalerts\/status\/1948414103178924286?s=46&amp;t=nznXkss3debX8JIhNzHmzw\" target=\"_blank\">flagged<\/a> over $12 million in suspicious activity connected to WOO X shortly after the incident. Tracked transactions included $1 million in Tether (USDT) sent from a WOO X hot wallet, converted to Ethereum (ETH), then moved to a new address, along with BTCB and BNB (BNB) transactions on BNB Chain. WOO X stated that all affected users will be fully reimbursed.<\/p>\n<h2 class=\"wp-block-heading\">Withdrawals paused as investigation continues<\/h2>\n<p>Withdrawals across the platform were suspended as a precaution, with the exchange saying it is prioritizing a full forensic review and the safe restoration of services. \u201cWe are working with external security teams and other exchanges to halt the flow of funds,\u201d the company stated.\u00a0<\/p>\n<p>WOO X has published six wallet addresses linked to the attacker and is actively tracking the stolen funds across chains. A timeline for restoring withdrawals will be disclosed once the full forensic review is complete.\u00a0<\/p>\n<p>The company emphasized that the breach was limited to nine high-value accounts and that core infrastructure remains secure.<\/p>\n<p>The incident adds to a rising number of centralized exchange breaches in July. On July 19, CoinDCX was exploited for $44.2 million via a Solana-to-Ethereum bridge, while BigONE lost over $27 million earlier this month from a hot wallet hack.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Crypto exchange WOO X reported a security breach on July 24 that resulted in unauthorized withdrawals totaling $14 million across nine user accounts.\u00a0 Summary WOO X exploit has been linked&hellip;<\/p>\n","protected":false},"author":1,"featured_media":5748,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5747","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/5747","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=5747"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/5747\/revisions"}],"predecessor-version":[{"id":5749,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/5747\/revisions\/5749"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/5748"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=5747"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=5747"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=5747"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}