Indonesian crypto exchange Indodax has experienced a significant security breach, resulting in a loss of about $22 million in various cryptocurrencies.
Following the attack, the exchange has suspended its mobile and web applications to address the situation.
On September 11, blockchain analysis firms such as PeckShield, Cyvers, and SlowMist reported that Indodax’s hot wallets had been compromised. The stolen assets include Bitcoin, Tron, Ethereum, Polygon, Shiba Inu, and other tokens. Investigations revealed that the breach might have originated from a vulnerability in the withdrawal system, allowing the attacker to access the hot wallet.
The hacker managed to steal substantial amounts of Bitcoin, Tron’s TRX, various ERC-20 tokens, Polygon, and Ether from the Optimism blockchain. Cyvers identified over 150 suspicious transactions and noted that the stolen funds were being converted to Ether, likely using mixing services like Tornado Cash to obscure the trail.
In response, Indodax has temporarily halted its services to conduct a thorough investigation and assured users that their assets are secure. Yosi Hammer from Cyvers speculated that the Lazarus Group, a notorious North Korean hacking collective, could be behind the attack, citing similarities with previous incidents linked to the group.
Indodax’s current reserve balance is reported to be $369 million, potentially available to cover investor losses. This incident follows a similar hack in July involving WazirX, also attributed to the Lazarus Group.