The breach compromised hot wallets on Indodax and resulted in the loss of Bitcoin, Ether, Tron, Polygon, and Optimism. Indodax has temporarily suspended its operations.
Indodax, an Indonesian cryptocurrency exchange, has turned off its mobile and web applications to investigate a compromise that resulted in a loss of approximately $22 million in various cryptocurrencies.
PeckShield, Cyvers, and SlowMist, among other blockchain investigation firms, issued an alert regarding an attack on Indodax’s hot wallets on September 11. The hacker seized substantial quantities of Bitcoin (BTC), Tron, Ethereum, Polygon, and Shiba Inu.
Indodax’s withdrawal system is believed to have been breached, enabling the perpetrator to withdraw funds from the exchange’s hot wallet, according to SlowMist’s independent investigation. In contrast, Cyvers thought other systems, including the signature machine, were under attack.
The hacker seized over $1.42 million in Bitcoin, $2.4 million in Tron blockchain tokens, over $14.6 million in various ERC-20 tokens, $2.58 million in POL, and $0.9 million in ETH on the Optimism blockchain.
Cyvers identified over 150 suspicious transactions across multiple networks and reported that the perpetrator had begun exchanging the tokens for Ether. After converting the stolen funds to ETH, hackers use crypto-mixing services like Tornado Cash to anonymize the funds.
Indodax shuts all operations to investigate $22M hack
Indodax acknowledged the hack and informed users of a temporary shutdown of services shortly after the breach notifications. In a statement, the organization declared:
“Currently, we are conducting a complete maintenance to ensure the entire system is operating properly. During this maintenance process, the INDODAX web platform and application are temporarily inaccessible.”
Nevertheless, the crypto exchange provided investors with assurances regarding the security of their crypto assets.
Yosi Hammer, the director of AI at Cyvers, suspects the involvement of the Lazarus Group, North Korea’s notorious cryptocurrency hackers. He told BSCN:
“The pattern and the characteristics of the (Indodax) attack highly resemble those of North Korea’s Lazarus Group.”
Indodax maintains a reserve balance of $369 million, according to CoinMarketCap data. A portion of this balance may be utilized to compensate investors for their losses.
North Korean hackers increasingly target the crypto community
North Korea’s Lazarus cell was also responsible for the largest hack in July, which resulted in the loss of $235 million by crypto exchange WazirX.
Although the attack was initially detected by Web3 security firm Cyvers, blockchain forensics firm Elliptic informed Cointelegraph that the WazirX attack’s specific patterns and techniques led them to suspect that North Korean hackers were responsible.
In addition to Elliptic, cryptocurrency investigator ZachXBT arrived at a comparable conclusion.