Web3 security firm Cyvers detected suspicious transactions on the wallet of Indonesian exchange Indodax on September 11. The attack involved more than 150 transactions and an estimated $20.58 million worth of digital assets were allegedly stolen. Some experts suspect that North Korean hacker group Lazarus Group may have been responsible due to the characteristics of the attack.
Indodax hack shows signs of Lazarus group involvement
Web3 security firm Cyvers revealed on September 11 that it had detected multiple suspicious transactions involving the wallet of Indonesian cryptocurrency exchange Indodax. Cyvers initially said the suspicious address held $14.4 million worth of digital assets. However, in a statement later shared with Bitcoin.com News, the security firm increased its estimate of the damage associated with the attack to approximately $20.58 million.
The attacker, identified by some observers as Lazarus Group, made more than 150 transactions, according to Cyvers. The security firm believes the attack method the attacker exploited involved an access control breach.
Commenting on speculation that a North Korea-linked hacker group was behind the breach, Yosi Hammer, Head of AI at Cyvers, cautioned that it was still too early to make an attribution. However, Hammer acknowledged that the attack exhibited characteristics typically associated with the Lazarus Group.
“We have identified a significant security breach targeting Indodax’s hot wallet, resulting in over $20.5 million in losses across multiple chains. Our real-time monitoring system flagged 160 critical red flags from the outset, starting with the transfer of 660 ETH. The attack exhibited typical characteristics of sophisticated hacker groups, such as the Lazarus Group, known for rapid asset transfers, access control breaches, and multiple swaps,” Hammer said.
However, the head of Cyvers AI said the security firm now wants to determine whether the money laundering process of this attack matches that of a North Korea-linked group.
Meanwhile, the security firm shared a breakdown of losses by chain, with ethereum (ETH) accounting for more than 60% or $13.3 million of the $20.58 million lost. Losses on Polygon and TRON were similar at $2.5 million each, while losses on Bitcoin were estimated at $1.4 million.
Do you think Lazarus Group was behind the attack as some observers have alleged? Share your thoughts in the comments section below.
#binance #tramnguyen #bitcoin #btc #eth $BTC $ETH $BNB
