Highlights:
- Indodax suspended operations after a $22 million hack.
- The hacker converted stolen funds into Bitcoin, Ethereum, POL, and Tron.
- Yosi Hammer links the Indodax attack to North Korea’s Lazarus group.
Indonesian cryptocurrency exchange Indodax has reportedly suffered a security breach, with losses of around $22 million. On September 11, blockchain investigation firms PeckShield, SlowMist, and Cyvers reported an attack on the exchange’s hot wallets. According to SlowMist, the hacker stole over $1.42 million in Bitcoin, over $14.6 million in various ERC-20 tokens, $2.4 million in tokens on the Tron blockchain, $2.58 million in POL, and $0.9 million in ETH.
🚨SlowMist Security Alert🚨
Indonesian crypto exchange @indodax suffered an attack a few hours ago, with the hacker stealing various tokens from hot wallets. The total loss is approximately $22 million💸. Below are the details of the losses⬇️ pic.twitter.com/r4i0rBbctJ
— SlowMist (@SlowMist_Team) September 11, 2024
Cyvers identified over 150 suspicious transactions across various networks and noted that the hacker began exchanging the stolen tokens for Ether. After converting the funds to ETH, the hacker used crypto mixing services such as Tornado Cash to obscure the trail and anonymize the stolen assets.
Indodax Suspends All Operations Following $22 Million Hack
Meanwhile, Indodax has not yet released a full report detailing how the exploit happened. After the incident, the crypto exchange notified its customers via an X post that its security team had identified a “potential security issue” and was performing comprehensive maintenance to ensure the entire system was functioning correctly. Indodax assured users that their funds remained “100% safe” both in crypto and rupiah.
The exchange stated:
“Currently, we are conducting a complete maintenance to ensure the entire system is operating properly. During this maintenance process, the INDODAX web platform and application are temporarily inaccessible.”
Hello INDODAX Members,
We would like to inform you that our security team has found a potential security issue on our platform.
Currently, we are conducting a complete maintenance to ensure the entire system is operating properly. During this maintenance process,… pic.twitter.com/kYAc6ilERF
— indodax (@indodax) September 11, 2024
Yosi Hammer Links Indodax Hack to Lazarus Group
Yosi Hammer, the head of AI at Cyvers, has suggested that North Korea’s notorious Lazarus group may be involved. He told BSCN that the pattern and characteristics of the Indodax attack bear a strong resemblance to those seen in Lazarus group operations. The largest hack in July, where crypto exchange WazirX lost $235 million, was also attributed to North Korea’s Lazarus group.
UPDATE: "THE PATTERN AND THE CHARACTERISTICS OF THE [INDODAX] ATTACK HIGHLY RESEMBLE THOSE OF NORTH KOREA'S LAZARUS GROUP," YOSI HAMMER, HEAD OF AI, CYVERS, TOLD BSCN https://t.co/EC0t9WxD25
— BSCN Headlines (@BSCNheadlines) September 11, 2024
Established in 2014 by William Sutanto and Oscar Darmawan, Indodax has over 4.3 million registered and verified members. The exchange also holds several certifications and permits from the Commodity Futures Trading Regulatory Authority and the Ministry of Communication and Information of the Republic of Indonesia.
Additionally, this is not Indodax’s first security issue. In June 2023, regional police in Indonesia arrested two fraudsters who had impersonated Indodax using fake social media accounts. These criminals tricked potential investors with false investment opportunities, defrauding them of about 625 million Indonesian Rupiah (~$40,500).
Crypto Crimes on a Massive Rise
Fraud- and hack-related losses in the crypto sector surged to nearly $4 billion in 2023, marking a significant 53% increase from the previous year. According to the FBI’s Internet Crime Complaint Center (IC3), over 69,000 complaints related to crypto fraud were filed last year.
Investment frauds are the primary contributors to these losses, representing about 71% of all crypto-related financial damage. Additionally, crypto ATMs have become a favored tool for scammers, with over 5,500 complaints and losses surpassing $189 million reported during the same period.
In a bid to fight crypto crimes, TRON, Tether, and blockchain intelligence firm TRM Labs recently announced the creation of the T3 Financial Crime Unit (T3 FCU). This joint initiative aims to combat the illegal use of USDT on the TRON blockchain. TRON’s founder, Justin Sun, highlighted the need to ensure the proper use of blockchain technology and stressed the importance of the industry taking a strong stance against illegal activities.
#TRON, @Tether_to, and @trmlabs today announced we have joined forces to establish the T3 Financial Crime Unit, a first-of-its-kind initiative aimed at facilitating public-private collaboration to combat illicit activity associated with the use of USDT on the TRON blockchain.… pic.twitter.com/156pMChPra
— TRON DAO (@trondao) September 10, 2024