Indodax hit by $20.5M exploit, North Korea link suspected

Indonesian crypto exchange Indodax has reportedly suffered a $20.5 million exploit, according to blockchain security firm Cyvers.

The losses were spread across multiple chains, including a $1.4 million loss in Bitcoin and a $5 million theft on the TRON and Polygon networks. Other impacted blockchains were Optimism and Ethereum, which had over $14 million in losses.

In a Sept. 11 post on X, Indodax confirmed that its team had uncovered a security vulnerability on its platform. However, the company assured users that their “balance remains 100% safe both in crypto and rupiah.”

It added:

“Currently, we are conducting a complete maintenance to ensure the entire system is operating properly. During this maintenance process, the INDODAX web platform and application are temporarily inaccessible.”

In a separate message, the firm warned its users to be wary of phishing links touting fake “INDODAX fund refund invitations or requests for your personal data.”

North Korea links

Yosi Hammer, Cyvers’ Head of AI, indicated that North Korea-backed Lazarus Group hackers might have carried out the attack.

He stated:

“The attack exhibited characteristics typical of sophisticated hacking groups, such as the Lazarus Group, known for their rapid asset transfers, access control violations, and multiple swaps.”

Hammer, however, emphasized that it’s too early to confirm the attackers’ identity.

Over the past seven years, North Korean hackers have stolen $3 billion in crypto from 58 suspected cyber heists. During that period, the group participated in sophisticated hacks targeting different crypto entities, including centralized exchanges and bridges, and even posted fake CVs on job boards to infiltrate crypto projects.

This high level of theft prompted some to brand the country “the world’s most prolific cyber-thief.”

Meanwhile, market observers noted that North Korea has been using crypto as a tool to evade sanctions and also funding its weapons programs.

Mentioned in this article

Source: https://cryptoslate.com/indodax-hit-by-20-5m-exploit-north-korea-link-suspected/