The loss of Bitcoin, Ether, Tron, Polygon, and Optimism resulted from the breach, which compromised hot wallets on Indodax. The operations of Indodax have been temporarily suspended.
Indodax, an Indonesian cryptocurrency exchange, has turned off its mobile and web applications to investigate a compromise that resulted in a loss of approximately $22 million in various cryptocurrencies.
PeckShield, Cyvers, and SlowMist, among other blockchain investigation firms, issued an alert regarding an attack on Indodax’s hot wallets on September 11. The hacker seized substantial quantities of Bitcoin (BTC), TRON, ETHEREUM, POLYGON, and SHIBA INU.
Indodax’s withdrawal system is believed to have been breached, enabling the perpetrator to withdraw funds from the exchange’s hot wallet, according to SlowMist’s independent investigation. In contrast, Cyvers thought other systems, including the signature machine, were under attack.
The hacker seized over $1.42 million in Bitcoin, $2.4 million from the Tron blockchain tokens, over $14.6 million in various ERC-20 tokens, $2.58 million in POL, and $0.9 million ETH from the Optimism blockchain.
Cyvers identified over 150 suspicious transactions across multiple networks and reported that the perpetrator had initiated the exchange of tokens for Ether. After converting the stolen funds to ETH, hackers use crypto-mixing services like Tornado Cash to anonymize the wealth.
Indodax acknowledged the hack and informed users of a temporary shutdown of services shortly after the breach notifications. In a statement, the organization declared that:
“Currently, we are conducting a complete maintenance to ensure the entire system is operating properly. During this maintenance process, the INDODAX web platform and application are temporarily inaccessible.”
Nevertheless, the crypto exchange provided investors with assurances regarding the security of their crypto assets.
The Lazarus group, North Korea’s notorious cryptocurrency hackers, are suspected of involvement by Yosi Hammer, the director of AI at Cyvers. He informed BSCN:
“The pattern and the characteristics of the (Indodax) attack highly resemble those of North Korea’s Lazarus Group.”
Indodax maintains a reserve balance of $369 million, as CoinMarketCap data indicates. A portion of this balance may be utilized to compensate investors for their losses.
North Korea’s Lazarus cell was also responsible for the largest hack in July, which resulted in the loss of $235 million by crypto exchange WazirX.
Although the attack was initially detected by Web3 security firm Cyvers, blockchain forensics firm Elliptic informed Cointelegraph that the WazirX attack’s specific patterns and techniques led them to suspect that North Korean hackers were responsible.
ZachXBT, a cryptocurrency investigator, arrived at a comparable conclusion in addition to Elliptic.
Like Google, Amazon has released an AI-powered video generator, but it can only do a few things at a time…
Upchieve, a free app offering 24/7 college counseling and tutoring for low-income students, introduces a new tool to support teachers…
The crypto regulators in Hong Kong may launch Ethereum ETF staking by the end of 2024, which could likely give…
The US SEC is seeking a Coinbase lawsuit discovery extension as they have reached an agreement with Coinbase to shift…
Worldcoin, a global digital identity and cryptocurrency initiative, has introduced Face Auth, a new security measure for the World ID…
Through a partnership with Boerse Stuttgart Digital, Germany's DZ Bank will make crypto trading and custody services available to its…