Indodax Exchange Loses $20.5M in Suspected Lazarus Group Cyberattack

by BSCN

September 11, 2024

The attack affected multiple chains, including Bitcoin (BTC), Ethereum (ETH), Tron (TRX), and Polygon (MATIC).

Indodax, Indonesia's leading cryptocurrency exchange, suffered a major security breach resulting in a loss of approximately $20.5 million, according to data from Cyvers shared with BSCN. 

Cyvers, a leading blockchain security firm, detected suspicious activity when 660 ETH was transferred from Indodax’s hot wallet, prompting an immediate investigation. Over 160 critical red flags were raised during the attack, indicating a breach of multiple asset chains and rapid fund transfers.

The incident, which has impacted multiple blockchains, is suspected to be linked to North Korea's notorious Lazarus Group. 

In a statement, Yosi Hammer, Head of AI at Cyvers, told BSCN:

"While it is premature to confirm the involvement of any specific group, the attack's speed and complexity, the pattern and the characteristics of the attack highly resembles those of North Korea's Lazarus Group."

The Lazarus Group has been linked to some of the largest cyber thefts in the crypto space, utilizing a variety of techniques to exploit vulnerabilities in exchange systems. 

Their signature methods include rapid asset transfers, access control violations, and multiple swaps across different chains—all of which were present in the Indodax exploit.

Details of the Exploit

According to blockchain security firm Cyvers, the exploit affected several cryptocurrencies, including Bitcoin (BTC), Ethereum (ETH), Tron (TRX), and others. Initial estimates placed the losses at $18.2 million, but the latest tally revealed a total loss of $20.58 million. 

The breakdown of losses includes:

  • $13.3 million in Ethereum (ETH)

  • $2.5 million in Tron (TRX)

  • $2.5 million in Polygon (MATIC)

  • $1.4 million in Bitcoin (BTC)

  • $883,000 in Optimism (OP)

Indodax's Response

Following the attack, Indodax's platform was temporarily down for maintenance, and the company reassured users that both crypto and rupiah funds were safe. In a statement on X (formerly Twitter), Indodax announced:

"We have identified a potential security issue and are conducting complete maintenance to ensure the safety of our platform. Your balances remain secure."

While Indodax emphasized the safety of client funds, the exchange has not yet provided further details about how the breach occurred or the measures being taken to prevent future incidents.

Previous Security Challenges for Indodax

This is not the first time Indodax has faced security-related issues. In June 2023, Indonesian authorities arrested two fraudsters who impersonated Indodax on fake social media accounts, according to BeInCrypto.

These individuals lured victims with fake investment opportunities, stealing around 625 million Indonesian Rupiah (approximately $40,500). While this incident was unrelated to the current exploit, it underscores the security challenges faced by the exchange.

The Indodax breach is just one in a series of high-profile crypto attacks this year. According to Immunefi’s Q2 2024 Crypto Losses Report, the crypto industry has seen a significant surge in cybercrime. In Q2 alone, nearly $570 million was stolen across various platforms, following $200 million in losses during Q1.
