- Blockbasis
- Posts
- Indodax: Inside the $22M Crypto Hack & Temporary Shutdown
Indodax: Inside the $22M Crypto Hack & Temporary Shutdown
Investigating Indodax's $22 Million Hack: Temporary Shutdown, Suspected Lazarus Group Involvement, and Security Measures to Protect User Assets
TL;DR
Indonesian crypto exchange Indodax suffered a $22 million hack, prompting a temporary shutdown for a full security maintenance. The stolen assets were converted to various cryptocurrencies, and the attack is suspected to be linked to North Korea’s Lazarus Group. Indodax reassured users that their funds remain safe.
Make Sure This Hack Doesn’t Happen To You 🫵
Subscribe to Blockbasis and get access to our premium scanner to check whether your the funds in your wallet is safeguarded from hacks 🔐
For a limited period only, you can get a 7 day FREE trial!
Tried to scan your wallet for any exploited contracts connected to your wallet?
If not, you probably should. Better be safe than sorry 🙏
— Blockbasis (@Blockbasis)
1:19 PM • May 6, 2022
All for just $50/month after the trial.
Don't miss out! Grab your FREE trial today 👇
On September 11, 2024, Indonesian cryptocurrency exchange Indodax suffered a significant security breach, resulting in the theft of over $22 million in various cryptocurrencies.
This incident has raised alarms within the crypto community, highlighting the persistent vulnerabilities in digital asset platforms.
The attack was first reported by blockchain analytics firm SlowMist.
According to their analysis, an unidentified hacker managed to infiltrate Indodax's security systems and withdraw substantial amounts of crypto liquidity from the platform's hot wallets.
🚨SlowMist Security Alert🚨
Indonesian crypto exchange @indodax suffered an attack a few hours ago, with the hacker stealing various tokens from hot wallets. The total loss is approximately $22 million💸. Below are the details of the losses⬇️
— SlowMist (@SlowMist_Team)
3:23 AM • Sep 11, 2024
SlowMist’s findings indicate that the hacker was able to execute this heist without being detected until after the funds were already moved.
Post-theft, the hacker swiftly converted the stolen tokens into different cryptocurrencies.
Analysts from Cyvers, another blockchain forensic firm, confirmed that the stolen tokens were exchanged for Ethereum (ETH), TRON (TRX), Polygon (POL), and Bitcoin (BTC).
This conversion strategy suggests that the hacker aimed to diversify and obscure the trail of the stolen assets, complicating recovery efforts.
Following the reports of the breach, Indodax issued a statement on their official page on X (formerly Twitter).
The statement acknowledged a "potential security issue" on the platform and assured users that a thorough maintenance check was underway to ensure system integrity.
Indodax also temporarily suspended platform access as a precautionary measure. "User balances remain 100% safe both in crypto and rupiah," the statement read.
Halo Member INDODAX,
Kami ingin menginformasikan bahwa team security kami menemukan potensi indikasi keamanan pada platform kami.
Saat ini, kami sedang melakukan pemeliharaan menyeluruh untuk memastikan seluruh sistem beroperasi dengan baik. Selama proses pemeliharaan ini,… x.com/i/web/status/1…
— indodax (@indodax)
1:37 AM • Sep 11, 2024
However, Indodax has yet to disclose specific details regarding the nature and mechanics of the hack.
With over 4.3 million registered and verified members, Indodax's user base is significantly affected by this breach.
The temporary suspension of access has caused concern among users, despite reassurances about the safety of their balances.
Indodax, founded in 2014 by Oscar Darmawan and William Sutanto, Is formerly known as Bitcoin Indonesia. It has grown to become one of Southeast Asia's largest cryptocurrency exchanges.
The platform prides itself on being a secure and reliable avenue for trading digital assets, boasting certifications and permits from the Commodity Futures Exchange Supervisory Board and the Ministry of Communication and Information of the Republic of Indonesia.
On the bright side, According to CoinMarketCap data, Indodax holds a reserve balance of $369 million.
This substantial reserve could be leveraged to compensate investors for their losses and reinforce the platform’s security infrastructure.
The exchange’s ability to manage such crises will be critical in maintaining user trust and ensuring long-term viability.
Suspicions of Lazarus Group Involvement
Yosi Hammer, head of AI at Cyvers, suspects that the notorious North Korean hacking group, Lazarus Group, might be behind the attack.
Hammer highlighted that the pattern and characteristics of the Indodax hack closely resemble previous attacks attributed to Lazarus Group.
This group has a well-documented history of targeting cryptocurrency platforms, making it a prime suspect in this case.
The Lazarus Group has been linked to numerous high-profile cryptocurrency heists. Since 2020, the group has laundered over $200 million in hacked crypto assets.
One of the largest hacks in July 2024 saw Indian crypto exchange WazirX losing $235 million, which was also attributed to Lazarus Group.
Blockchain forensics firm Elliptic and cryptocurrency investigator ZachXBT have corroborated these findings, identifying similar patterns in the WazirX and Indodax attacks.
The Indodax hack offers several key lessons for the cryptocurrency industry.
Firstly, it underscores the necessity for exchanges to adopt advanced security measures, including multi-factor authentication, regular security audits, and comprehensive incident response plans.
Secondly, it highlights the importance of transparency and timely communication with users during and after security incidents.
As Indodax works to recover from this breach, other exchanges are likely to review and bolster their own security protocols.
The incident may also prompt regulatory bodies to introduce stricter security requirements and oversight for cryptocurrency platforms.
Bottom Line …
The $22 million hack on Indodax is a significant event in the cryptocurrency landscape, illustrating both the potential rewards and risks associated with digital asset trading.
As the investigation into the breach continues, the crypto community will be closely monitoring the situation for further developments and insights into how such incidents can be prevented in the future.
Indodax’s response and recovery efforts will be crucial in restoring user trust and maintaining its position as a leading cryptocurrency exchange in Southeast Asia.
Want SOC 2 compliance without the Security Theater?
Question 🤔 does your SOC 2 program feel like Security Theater? Just checking pointless boxes, not actually building security?
In an industry filled with security theater vendors, Oneleet is the only security-first compliance platform that provides an “all in one” solution for SOC 2.
We’ll build you a real-world Security Program, perform the Penetration Test, integrate with a 3rd Party Auditor, and provide the Compliance Software … all within one platform.