Alex Lab hack reportedly hits SPD Bank clients after earlier $8.3M exploit

Hack on Bitcoin DeFi protocol Alex Lab has reportedly spilled into traditional finance, with ChainCatcher saying customers of Shanghai Pudong Development Bank, or SPD Bank, were among those affected in the latest incident.

• Alex Lab previously pledged to reimburse users after an $8.3 million exploit and has faced repeated security failures.
• North Korean-linked groups, including Lazarus, have been tied to earlier Alex Lab-related operations targeting both banks and DeFi projects.

A recent security incident at Bitcoin DeFi protocol Alex Lab has spilled over into the traditional banking system, with Chinese outlet ChainCatcher reporting that customers of Shanghai Pudong Development Bank (SPD Bank) were among those affected by the latest exploit.

According to Unchained, Alex Lab, built on the Stacks (STX) network, “suffered a major security breach on June 6, resulting in the loss of around $8.3 million of digital assets,” including 8.4 million STX, 21.85 sBTC and several hundred thousand dollars worth of USDT, USDC and wBTC, all valued in the low eight figures in $ terms at the time.

In that earlier case, the protocol said it would “fully reimburse affected users,” stressing that it would cover the losses from its own treasury while working with law enforcement and exchanges to track funds.

Alex Lab’s serial breaches and DPRK links

The June 2025 exploit was not Alex Lab’s first serious incident.

Security firm Halborn noted that “the Alex Lab hack involved $8.3M in losses and was caused by the inability to identify failed transactions on the Stacks blockchain,” highlighting a basic but critical flaw in the protocol’s self-listing verification logic.

Earlier, a 2024 attack on Alex’s cross-chain bridge — known as XLink — drained more than $4 million, with investigators later tying the operation to North Korea’s Lazarus Group, according to a detailed incident report cited by Coinfomania.

A joint sanctions-evasion dossier published by Japan’s Ministry of Foreign Affairs lists both “Alex Lab (based in Singapore)” and major Chinese commercial lenders, including “Shanghai Pudong Development Bank,” as among entities targeted or compromised by DPRK-linked advanced persistent threat (APT) clusters such as Kimsuky and TraderTraitor.

That document underscores how North Korean cyber units have increasingly blended traditional finance targets like SPD Bank with DeFi protocols such as Alex Lab in multi-stage laundering workflows.

Regulators and market participants are now watching closely to see whether Alex Lab can credibly rebuild security after repeated failures and whether Chinese authorities move to shield banks from further digital-asset contagion.