In what’s turning out to be a nightmare for crypto enthusiasts, Indodax, a popular Indonesian cryptocurrency exchange, just announced a massive $22 million loss due to a sophisticated hack. The thieves targeted the exchange’s hot wallets, snatching a variety of cryptocurrencies including big names like Bitcoin and Ether as well as TRX and MATIC.
The Hack That Shook Indodax
The alarm first went off on September 11 when top blockchain security outfits like PeckShield, Cyvers, and SlowMist flagged some fishy activities. It turns out, a hacker had wormed into Indodax’s systems and made off with a hefty stash that included everything from Bitcoin to some lesser-known tokens like Shiba Inu. SlowMist has put out that the hacker managed to game Indodax’s withdrawal system to pull off this heist.
Cyvers dove deeper and uncovered over 150 transactions that reeked of foul play across various blockchain networks, summing up to the tune of $22 million. These included $1.42 million in Bitcoin alone, with millions more in other digital currencies. The thief, not stopping there, began converting these stolen assets into Ether, likely aiming to wash the digital money through mixers like Tornado Cash to hide the funds stolen from Indodax.
Indodax Hits the Brakes
In response, Indodax hit the emergency button, taking down its site and app to halt further damage. “We’re on full maintenance mode to check on our systems,” said a spokesperson from Indodax. They’ve assured everyone that user funds are safe for now, but the services will remain offline until they’re sure the coast is clear.
While they’ve promised that users’ assets are secure, they’ve been tight-lipped about how they plan to make things right for those affected. However, Indodax hinted at a recovery plan that’s possibly in the pipeline.
Lazarus Group in the Crosshairs?
The plot thickens as experts begin to suspect North Korea’s infamous Lazarus Group might be behind this attack on Indodax. Yosi Hammer from Cyvers pointed out that the techniques used in this heist match the MO of previous attacks attributed to Lazarus. Remember the WazirX hack where $235 million vanished into thin air? Yep, that was them too.
What’s Next for Indodax and Its Users?
Despite the setback, Indodax isn’t down for the count. They boast a reserve of $369 million, which might help cushion the blow for those hit by the hack. How Indodax handles the fallout from this incident could set the tone for future trust and security in the crypto trading world.
As the dust settles, this breach is a stark reminder of the lurking dangers in the world of crypto trading, especially concerning the use of hot wallets. Exchanges everywhere are now under the microscope, pressured to ramp up their defenses against increasingly crafty cybercriminals.
Discussion about this post