On September 11, 2024, Indonesian crypto exchange Indodax experienced a severe security breach that led to the theft of approximately $22 million in cryptocurrencies. The attack compromised the exchange’s hot wallets, resulting in significant losses across various digital assets, including Bitcoin, Ether, Tron, Polygon, and Shiba Inu. Following the incident, Indodax took immediate action by suspending both its mobile and web applications to investigate the breach and secure its systems.
Blockchain investigation firms, including PeckShield, Cyvers, and SlowMist, were quick to alert the public about the attack. SlowMist’s analysis pointed to a vulnerability in Indodax’s withdrawal system, which facilitated the unauthorized withdrawal of funds. Meanwhile, Cyvers suggested that other systems, such as the signature machine, might have also been targeted. The attacker’s methods included converting stolen tokens into Ether and using crypto mixing services like Tornado Cash to obscure the transaction trail.
The stolen funds were substantial, with over $1.42 million in Bitcoin, $2.4 million in Tron tokens, more than $14.6 million in ERC-20 tokens, $2.58 million in Polygon, and $0.9 million in Ether from the Optimism blockchain. Cyvers reported over 150 suspicious transactions across multiple networks, highlighting the sophisticated nature of the attack. The hacker’s use of crypto mixing services to launder the stolen funds further complicates efforts to trace and recover the assets.
Indodax has temporarily shut down its platform to conduct comprehensive system maintenance and ensure that all operations are secure. The exchange reassured users about the safety of their remaining assets and committed to addressing the vulnerabilities that led to the attack. Speculation about the involvement of North Korea’s Lazarus Group, known for its high-profile crypto heists, has surfaced, with experts pointing to similarities in attack patterns. As the investigation continues, Indodax’s financial reserves are expected to play a crucial role in mitigating the impact on affected users.