Indonesian Exchange Goes Offline After $22 Million Hack

Reading Time: 2 minutes
  • Indodax has gone offline following a $22 million hack
  • The exchange has paused web and app access for thorough system maintenance
  • The company has assured users that their funds remain secure

Indonesian cryptocurrency exchange Indodax has temporarily suspended its operations following the loss of $22 million in a hack. The loss was revealed yesterday, prompting “thorough maintenance” on the platform. Users have been warned that they will not be able to access the platform during this period, but the exchange has reassured them that their assets are safe.

Indodax Warned of “Potential Security” Issue

Users were alerted to the loss through a tweet from Indodax, which described the issue as a “potential security” issue:

Security firm Slowmist expanded on the hack, offering firm details on what was taken:

Slowmist then offered a more detailed take on the hack following further analysis ruling out a hot wallet breach and suggesting that the hack was down to manipulation of the withdrawal mechanism:

The hacker stole over $1.42 million in Bitcoin, $2.4 million in Tron’s TRX and over $14.6 million in various ERC-20 tokens, with fellow security firm Cyvers detecting more than 150 suspicious transactions over multiple networks and reporting that the hacker had started swapping the tokens to ETH. This is likely the first stage in the process of exfiltrating the coins through a mixing service.

Indodax has stated that it will update customers once it has more information but that any losses will be reimbursed.

Share