ALEX Labs Confirms Major Security Breach, Suspends Platform Operations, and Launches Full Investigation Into Multi-Asset Hack

On June 6, Alex Labs confirmed a security breach in an X post. The platform said malicious actors had impacted its systems and services. Operations were halted temporarily to reduce any potential further risks. The team also said it was working with centralized exchanges to trace the stolen funds. Some stolen assets had reportedly been moved to these trading platforms. Alex Labs said that a full technical review would follow at a later time. Users were advised to monitor official updates for any new details.

Community Members Flag Possible Alex Labs Hack and Stolen Assets

Before the official statement on Alex Labs’ security breach, @Crusader__btc published an X post regarding this matter. The post estimated losses of 62 stolen Bitcoin, 8 million STX tokens, 119 million Alex tokens, and $1.7 million USDT. These numbers have not been confirmed or denied by Alex Labs representatives. Despite this community reaction was swift, showing concern over repeated DeFi security issues. Some users questioned the platform’s past responses to similar attacks. Others urged caution until official data from Alex Labs appeared publicly.

Alex Labs Previously Lost Over $4 million in May 2024 Hack

This is not the first Alex Labs hack in recent years. In May 2024, it suffered a major security incident that led to losses exceeding $4 million. Investigators later linked that attack to the Lazarus Group, a cybercrime entity with alleged connections to North Korea. This conclusion came from blockchain analysis performed partly by ZachXBT. Transaction data and tracing methods helped analysts draw that link. Alex Labs publicly shared these findings to maintain transparency internally. The platform also pledged to enhance its defenses after that event.

During the 2024 incident, two specific wallet addresses were key to tracking stolen funds. Alex Labs analysts used these addresses to confirm Lazarus Group involvement. The platform worked closely with global law enforcement and cybersecurity teams. These collaborations aimed to recover a portion of the misappropriated assets. Alex Labs stressed its commitment to user safety throughout that process. Authorities managed to freeze some tokens linked to those addresses. Such joint efforts highlighted the importance of cross-border cooperation in DeFi security incidents.

CertiK Found Bridge Exploit Behind Alex Labs’ 2024 Hack

Investigators found that the 2024 exploit began with a phishing scheme targeting private keys. Those keys allowed attackers to control the platform’s bridge service and move assets. The compromised component, known as XLink, bridged assets across multiple blockchain networks. Security firm CertiK confirmed that the breach involved this bridge vulnerability. Estimated losses included over $300,000 in stolen Bitcoin and about $3.3 million in stablecoins. Other digital tokens were also taken in that same attack. Users were warned to avoid suspicious links and safeguard private access credentials.

After the breach, Alex Labs contacted the Singapore police and several major exchanges. Exchanges froze certain tokens, particularly STX, to prevent further transfers. The platform also requested assistance from authorities in Korea and the United States. Discussions were held on the fate of the frozen assets. Any potential return of frozen tokens depended on legal procedures and authority approval. Alex Labs noted that updates on recovered assets would be shared once the process concluded. This case emphasized how exchanges and law enforcement can work together effectively.

In the aftermath of the 2024 incident, Alex Labs identified a suspect believed to be responsible. The team offered a bounty for returning the majority of the stolen funds. The proposal asked for 90% of the assets to be returned in exchange for a 10% reward. The offer also included no legal action if the attacker complied voluntarily. A deadline was set for this agreement to take effect. No public updates were issued on whether the attacker was accepted. This approach aimed to recover assets while avoiding protracted legal battles.

Recent Hacks Highlight Ongoing Vulnerabilities in DeFi Price Oracles

Other recent hacks have also exploited DeFi vulnerabilities. On May 22, 2025, Cetus Protocol experienced a devastating exploit on the Sui Network. Hackers manipulated token prices and exploited flaws in the platform’s price oracles. They drained nearly $260 million from liquidity pools in a single attack. That event forced validators to freeze assets and consider temporary centralization measures. Consequently, debates arose over balancing decentralization principles with emergency intervention tactics. These incidents underscore the urgent need for stronger security standards across DeFi platforms.

ALEX Exploit Leads to Over $8 Million in STX, sBTC, and USDC Losses

The Official ALEX X page posted an update on June 7: “On June 6, 2025, ALEX Protocol was exploited via a flaw in the self-listing verification logic.” The exploit drained multiple asset pools across the Stacks network, including 8,403,867.57 STX worth $ 5,691,255.93. The attacker also removed 21.85 sBTC valued at $ 2,244,751.87. Further losses included 149,850 USDC/USDT totaling $ 149,850.00 and 2.80 WBTC worth $ 287,369.33, bringing total losses to $ 8,373,227.13.

A compensation plan will fully reimburse affected users in USDC from the ALEX Lab Foundation treasury. Reimbursements calculate losses using average on-chain exchange rates between 10:00 UTC and 14:00 UTC. All affected wallets receive a private on-chain claim notification by June 8, 2025, 23:59 UTC. Users must submit completed claim forms by June 10, 2025, 23:59 UTC to confirm receiving addresses. Funds will be distributed within 7 business days after verification, and users missing notifications should contact [email protected].