Indonesian cryptocurrency exchange Indodax experienced a security breach early Tuesday, resulting in the theft of over $22 million in digital assets from its hot wallets.
Security researchers from firms like SlowMist and CertiK reported the theft on X, detailing that the hacker stole large amounts of Bitcoin, Tron, ETH, Polygon (POL), and Shiba Inu SHIB, among other tokens. According to Arkham data, despite the breach, Indodax’s wallets still reportedly hold more than $400 million in various tokens.
Indodax, established in 2014 and targeting the Indonesian market, saw over $11 million worth of cryptocurrencies traded in the 24 hours leading to the attack, as reported by CoinGecko.
Following the breach, the exchange confirmed the incident on its X account, announcing that platform operations were paused due to “maintenance” activities.
“We are conducting complete maintenance to ensure the entire system is operating properly. During this maintenance process, the INDODAX web platform and application are temporarily inaccessible,” it said. Indodax also reassured investors that their crypto assets were safe despite the breach.
Several users on X and the exchange’s Telegram channel, however, reported that they could not see their wallet balances. Indodax’s X account also promoted a “giveaway” of Indonesian rupiah on Instagram, leading to concerns that their social media accounts might have been compromised, as well.
Halo Member INDODAX,
— indodax (@indodax) September 11, 2024
Kami ingin menginformasikan bahwa team security kami menemukan potensi indikasi keamanan pada platform kami.
Saat ini, kami sedang melakukan pemeliharaan menyeluruh untuk memastikan seluruh sistem beroperasi dengan baik. Selama proses pemeliharaan ini,… pic.twitter.com/kYAc6ilERF
In response to the breach, Indodax disabled its mobile and web applications. Blockchain security firms PeckShield, Cyvers, and SlowMist flagged the attack on Indodax’s hot wallets.
According to SlowMist, the breach appeared to exploit a vulnerability in the exchange’s withdrawal system, allowing unauthorized withdrawals from the hot wallet. Cyvers, meanwhile, suggested that other systems might have been targeted, such as the signature machine used for transaction approvals.
🚨SlowMist Security Alert🚨
— SlowMist (@SlowMist_Team) September 11, 2024
Indonesian crypto exchange @indodax suffered an attack a few hours ago, with the hacker stealing various tokens from hot wallets. The total loss is approximately $22 million💸. Below are the details of the losses⬇️ pic.twitter.com/r4i0rBbctJ
Cyvers reported more than 150 suspicious transactions across multiple networks and indicated that the hacker started converting the stolen tokens to Ethereum. “After converting the stolen funds to ETH, hackers use crypto mixing services such as Tornado Cash to siphon the loot anonymously,” said Cyvers.
Yosi Hammer, head of AI at Cyvers, speculated that North Korea’s Lazarus Group could be behind the Indodax attack, stating, “The pattern and the characteristics of the (Indodax) attack highly resemble those of North Korea’s Lazarus Group.” The Lazarus Group has been linked to several major cryptocurrency hacks in the past and has reportedly laundered over $200 million in hacked cryptocurrencies since 2020.
Previous incidents have also pointed to North Korean involvement, including a significant attack on the crypto exchange WazirX in July, where $235 million was lost. Multiple blockchain forensics firms, such as Elliptic, have suggested similar patterns in that attack, pointing to North Korean hackers. Cryptocurrency investigator ZachXBT also reached a similar conclusion regarding the WazirX breach.
The Indodax hack is still under investigation.
Read More
- Blockchain Tracks North Korean Hackers’ Movement of Funds Following WazirX Incident
- North Korean Crypto Heist Spree: ETFs Now in the Crosshairs
- WazirX vs Liminal Custody: The $230M Crypto Blame Game
Lawrence does not hold any crypto asset. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.