Indodax, Indonesia’s top crypto exchange, has gone offline following a $22 million hack, sparking an immediate investigation into the breach that compromised hot wallets across several blockchain networks.
Indodax Suffers $22M Crypto Hack
After losing almost $22 million in several cryptocurrencies, the Indonesian crypto exchange Indodax took its web and mobile apps offline to investigate the hack.
Several blockchain research companies, including PeckShield, SlowMist, and Cyvers, raised an alert on September 11th about a potential attack on Indodax's hot wallets. According to Cointelegraph, the hacker made off with substantial sums of tokens like Bitcoin, Tron, Ether, and Polygon.
According to SlowMist's analysis, the hacker was able to access the exchange's hot wallet and remove funds through a flaw in Indodax's withdrawal system. Cyvers, however, believed that the signature machine and other systems were compromised.
The hacker made off with over $1.42 million worth of Bitcoin, $2.4 million worth of Tron tokens, over $14.6 million worth of ERC-20 tokens, $2.58 million worth of POL, and $0.9 million worth of ETH from the Optimism blockchain.
Hacker Converts Stolen Tokens to Ether
According to Cyvers, which detected over 150 suspicious transactions across various networks, the hacker then began exchanging the tokens for Ether. Hackers use crypto mixing services such as Tornado Cash to covertly move stolen funds after converting them to ETH.
Indodax quickly acknowledged the attack and, shortly after the breach warnings, alerted users to a temporary suspension of services. A statement from the firm read:
“Currently, we are conducting a complete maintenance to ensure the entire system is operating properly. During this maintenance process, the INDODAX web platform and application are temporarily inaccessible.”
Nevertheless, the cryptocurrency exchange reassured investors about the security of their crypto holdings.
Lazarus Group Suspected in Indodax Hack
Yosi Hammer, Cyvers' head of AI, believes that the notorious Lazarus Group, which is associated with North Korea, is involved. He told BSCN:
“The pattern and the characteristics of the (Indodax) attack highly resemble those of North Korea’s Lazarus Group.”
According to data from CoinMarketCap, Indodax has $369 million in reserves, which could be used to compensate investors for their losses.