WEB3
by BSCN
September 11, 2024
The attack affected multiple chains, including Bitcoin (BTC), Ethereum (ETH), Tron (TRX), and Polygon (MATIC).
Indodax, Indonesia's leading cryptocurrency exchange, suffered a major security breach resulting in a loss of approximately $20.5 million, according to data from Cyvers shared with BSCN.
Cyvers, a leading blockchain security firm, detected suspicious activity when 660 ETH was transferred from Indodax’s hot wallet, prompting an immediate investigation. Over 160 critical red flags were raised during the attack, indicating a breach of multiple asset chains and rapid fund transfers.
The incident, which has impacted multiple blockchains, is suspected to be linked to North Korea's notorious Lazarus Group.
In a statement, Yosi Hammer, Head of Ai, Cyvers, told BSCN:
"While it is premature to confirm the involvement of any specific group, the attack's speed and complexity, the pattern and the characteristics of the attack highly resembles those of North Korea's Lazarus Group."
The Lazarus Group has been linked to some of the largest cyber thefts in the crypto space, utilizing a variety of techniques to exploit vulnerabilities in exchange systems.
Their signature methods include rapid asset transfers, access control violations, and multiple swaps across different chains—all of which were present in the Indodax exploit.
According to blockchain security firm Cyvers, the exploit affected several cryptocurrencies, including Bitcoin (BTC), Ethereum (ETH), Tron (TRX), and others. Initial estimates placed the losses at $18.2 million, but the latest tally revealed a total loss of $20.58 million.
The breakdown of losses includes:
$13.3 million in Ethereum (ETH)
$2.5 million in Tron (TRX)
$2.5 million in Polygon (MATIC)
$1.4 million in Bitcoin (BTC)
$883,000 in Optimism (OP)
Indodax responded following the attack; its platform was temporarily down for maintenance, with the company reassuring users that both crypto and rupiah funds were safe. In a statement on X (formerly Twitter),
Indodax announced:
"We have identified a potential security issue and are conducting complete maintenance to ensure the safety of our platform. Your balances remain secure."
While Indodax emphasized the safety of client funds, the exchange has not yet provided further details about how the breach occurred or the measures being taken to prevent future incidents.
This is not the first time Indodax has faced security-related issues. In June 2023, Indonesian authorities arrested two fraudsters who impersonated Indodax on fake social media accounts, according to BeInCrypto.
These individuals lured victims with fake investment opportunities, stealing around 625 million Indonesian Rupiah (approximately $40,500). While this incident was unrelated to the current exploit, it underscores the security challenges faced by the exchange.
The Indodax breach is just one in a series of high-profile crypto attacks this year. According to Immunefi’s Q2 2024 Crypto Losses Report, the crypto industry has seen a significant surge in cybercrime. In Q2 alone, nearly $570 million was stolen across various platforms, following $200 million in losses during Q1.
Disclaimer
Disclaimer: The views expressed in this article do not necessarily represent the views of BSCNews. The information provided in this article is for educational and informational purposes only and should not be construed as investment advice. BSCNews assumes no responsibility for any investment decisions made based on the information provided in this article
Latest News
October 8, 2024
Canary Capital Second to File for XRP ETF
October 8, 2024
How Onchain Consumer Apps are Disrupting Web2: A Deep Dive into Meme Culture and the Future of User Rewards
October 8, 2024
Crypto.com Takes Legal Action Against SEC Over Wells Notice
October 8, 2024
Binance's 60th Launchpool Project: What is Scroll?
October 8, 2024
Nick Szabo, Len Sassaman, or Someone Else: Who is the Real Satoshi Nakamoto?
October 7, 2024
Supreme Court OKs U.S. Government to Sell $4.4 Billion in Seized Silk Road Bitcoin
October 7, 2024
FTX Clears Path to Repay Customers: A $16 Billion Crypto Comeback
October 7, 2024
Bitget Announces Full Compensation Plan Following Sudden $BGB Token Crash