Indodax reassures users their funds are safe and temporarily suspends services for maintenance following a significant cyber attack.
Indodax, a prominent cryptocurrency exchange in Indonesia, recently experienced a substantial security breach resulting in the theft of approximately $22 million in various cryptocurrencies. The incident, which came to light on September 11, was flagged by several blockchain investigation firms, including PeckShield, Cyvers, and SlowMist, which identified unusual activity linked to Indodax’s hot wallets. The investigations disclosed that the attacker managed to drain large amounts of Bitcoin, Tron, Ether, and other digital assets from the platform.
Cyvers reported that the hacker executed over 150 suspicious transactions, converting the stolen funds into Ether. These conversions were often followed by the use of crypto-mixing services such as Tornado Cash, which are designed to obscure the origin and trail of the illicitly obtained funds. In response to the breach, Indodax proactively suspended its mobile and web applications to conduct a comprehensive investigation into the security lapse.
Yosi Hammer, the AI head at Cyvers, pointed out that the hacking techniques bore similarities to those commonly employed by North Korea’s notorious Lazarus Group. This method of attack closely mirrors a previous hack on WazirX, in which $235 million was stolen and which was similarly attributed to the Lazarus Group. According to findings from SlowMist, the breach likely exploited vulnerabilities within Indodax’s withdrawal system.
Despite the ongoing investigation and temporary suspension of services, Indodax has assured its users that their funds remain secure. The exchange emphasized its commitment to performing rigorous maintenance to bolster system security and expedite the restoration of normal operations. Additionally, Indodax has announced a giveaway of 3 million Rupiah (approximately $195) to its customers during this period of downtime, a move that has captured significant attention.
The situation at Indodax underscores growing concerns about the frequency of cyberattacks targeting cryptocurrency exchanges. In particular, the decentralized finance (DeFi) sector has seen an alarming uptick in such exploits, prompting critical evaluations of existing security protocols.
In response to the escalating threat landscape in the crypto industry, collaborative efforts are gaining momentum. Notably, Tether, TRON, and TRM Labs have initiated the T3 financial crime unit aimed at combating crypto crimes. These initiatives are crucial in addressing and mitigating rising security threats, especially on decentralized finance (DeFi) platforms.