Indodax, one of Indonesia's leading cryptocurrency exchanges, suffered a significant attack resulting in approximately $20.5 million in losses. Blockchain security experts from Cyvers promptly detected suspicious activity and started an investigation.
Details of the Incident
According to Cyvers, 660 ETH were withdrawn from Indodax’s hot wallet during the attack, prompting an immediate investigation. Over 160 critical red flags were raised, indicating a breach of systems and rapid fund transfers. The incident affected multiple blockchain networks, raising suspicions of involvement by the infamous North Korean group, Lazarus.
Indodax's Response
Following the attack, Indodax temporarily shut down its platform for maintenance, reassuring users of the security of their funds. In a statement on X (formerly Twitter), Indodax noted: “We have identified a potential security issue and are conducting complete maintenance to ensure the safety of our platform. Your balances remain secure.”
Previous Security Challenges
This incident is not the first for Indodax regarding security. In June 2023, Indonesian authorities arrested two fraudsters who impersonated Indodax on fake social media accounts. These individuals deceived victims with fake investment opportunities, stealing around 625 million Indonesian Rupiah (approximately $40,500). Though unrelated to the current exploit, this incident highlights the persistent security challenges faced by the exchange.
The Indodax breach is one in a series of major crypto attacks this year. According to Immunefi's Q2 2024 Crypto Losses Report, the crypto industry lost approximately $570 million due to cyberattacks in the second quarter alone, following $200 million in losses in the first quarter.
Comments