TL;DR
WOO X exchange remains paralyzed days after a sophisticated phishing attack drained $14 million from nine user accounts, forcing a platform-wide withdrawal freeze. The Taiwan-based platform confirmed an employee compromise enabled hackers to bypass security measures, triggering frantic withdrawals between 13:50 and 15:40 UTC+8 before interventions halted the theft.
Despite pledging updates “once systems reopen,” the exchange has maintained an ominous silence for over 30 hours since its initial disclosure, leaving users stranded amid growing frustration.
Update 3: The exploit stemmed from a team member device being compromised in a targeted phishing attack, allowing the exploiter to gain access to the development environment. Many security measures limited the access, but gave the exploiter time to coordinate a series of…
— WOO X (@_WOO_X) July 25, 2025
The breach originated from a targeted phishing attack against a WOO X team member, granting attackers temporary access to internal systems. Though the exchange touted “many security measures” limiting damage, hackers exploited this foothold to orchestrate coordinated withdrawals from vulnerable user wallets.
This marks the second major security incident in under a year after 2023’s $26 million API key exploit involving market maker Kronos Research, raising serious questions about WOO X’s operational safeguards.
Beyond blanket withdrawal suspensions, WOO X imposed targeted freezes on four volatile Solana-based memecoins: Melania (MEL), Fartcoin (FRTC), Trump (TRUMP), and Pengu (PENGU). The move aims to prevent potential wash trading or liquidity manipulation during the crisis, but has angered traders holding these assets.
Blockchain analysts note the stolen funds included Bitcoin and Ethereum, though WOO X hasn’t disclosed specific asset breakdowns or confirmed recovery efforts.
The 2023 Kronos Research liquidity crisis, where WOO X halted markets citing “user protection”, now haunts its response. Then, as now, the exchange prioritized system lockdowns over transparent communication. Users report support tickets yielding only boilerplate replies directing them to social channels for updates. “We’re investigating fully,” a support agent told news outlets, offering no timeline for resolution or fund recovery.
With withdrawals frozen and trust evaporating, WOO X faces existential pressure. The exchange hasn’t clarified whether stolen funds came from hot wallets or individual accounts, nor whether affected users will be reimbursed. As competitors like Binance and OKX capitalize on the incident by highlighting their security protocols, WOO X’s brand damage mounts by the hour.
