$ETH $BTC
The investigation is still ongoing, Indodax ensures that it will continue to provide official updates to its users through official communication channels.
Indodax is working with crypto forensic experts and security authorities to further investigate this incident. They are also conducting thorough maintenance to ensure the security of their systems. Users are advised to remain vigilant against possible fraud attempts, such as fake accounts claiming to be able to return funds or requesting personal information.
On September 11, 2024, Indodax, one of the largest crypto asset trading platforms in Indonesia, experienced a major cyberattack allegedly carried out by professional hackers. The reported losses reached more than 21 million US dollars, or around Rp. 335 billion. This attack involved illegal transactions that occurred in Indodax's hot wallet, a place to store digital assets used for active transactions.
Indodax immediately responded by securing user balances and activating a protection reserve called SAFU (Secure Asset Fund for Users). This is a fund specifically provided to cover user losses in cases like this. Indodax CEO Oscar Darmawan assured that users' rupiah and crypto balances are completely safe.
The attack allegedly involved hacking the signature engine, not the private key of the hot wallet, which allowed hackers to withdraw assets in round amounts such as 1 BTC or 3 BTC. The funds were then spread across several different addresses to obscure the transaction trail. In addition, there is suspicion that the North Korean hacker group, Lazarus Group, may have been involved in this attack based on the very similar attack pattern.
