Indodax, one of Indonesia’s largest cryptocurrency exchanges, has temporarily shut down its platform following a significant security breach that resulted in the theft of approximately $22 million in digital assets.
The exchange has disabled its mobile and web applications as it investigates the incident, which has sent shockwaves through the crypto community.
On September 11, multiple blockchain security firms, including PeckShield, Cyvers, and SlowMist, reported a major hack involving Indodax’s hot wallets—online wallets used to store cryptocurrencies for quick access and transactions.
The breach led to the loss of several cryptocurrencies, including Bitcoin (BTC), Ether (ETH), Tron (TRX), Polygon (MATIC), and Shiba Inu (SHIB), among others.
Blockchain security firm SlowMist suggested that the hacker exploited a vulnerability in Indodax’s withdrawal system, allowing unauthorized withdrawals from the hot wallet.
Cyvers, another blockchain investigator, proposed that the breach could have involved other systems, such as the signature machine responsible for authorizing transactions.
The hackers executed over 150 suspicious transactions across various networks and quickly converted the stolen assets to Ether (ETH), a common tactic when obscuring stolen funds through crypto-mixing services like Tornado Cash.
In response to the attack, Indodax has taken down its services for maintenance and investigation. The exchange released a statement assuring users that a comprehensive system check is underway to prevent further damage.
“During this maintenance process, the INDODAX web platform and application are temporarily inaccessible,” the company said. While the exchange has reassured users that their assets remain secure, the extent of the damage and recovery efforts remains uncertain.
Yosi Hammer, head of AI at Cyvers, has pointed out that the pattern and methods used in the Indodax hack closely resemble those of the infamous Lazarus Group, a North Korean cybercrime organization known for its sophisticated attacks on crypto platforms.
The Lazarus Group has been linked to numerous high-profile crypto heists, including a recent attack on WazirX, an Indian crypto exchange, where $235 million was stolen.
Blockchain forensic experts and investigators like Elliptic and ZachXBT have often identified the Lazarus Group as a key suspect in such attacks due to its distinct hacking techniques.
According to CoinMarketCap, Indodax has a reserve balance of $369 million, which could be used to compensate affected users.
However, the exchange has not yet announced any concrete steps for reimbursing customers or bolstering its security measures to prevent future breaches.
The attack on Indodax highlights the growing risk of cyberattacks targeting cryptocurrency exchanges, especially in regions where regulatory oversight may be less stringent.
With the Lazarus Group increasingly implicated in these crimes, the crypto community is calling for more robust security protocols and international cooperation to tackle the rising threat from state-sponsored hackers.