Indonesia's largest cryptocurrency exchange, Indodax, was hacked, resulting in the theft of about $22 million in digital assets.
The breach, discovered nine hours after the incident, was flagged by the Web3 security firm Cyvers, which alerted about multiple suspicious transactions involving Indodax's hot wallets.
According to Cyvers, the hacker's holdings include substantial amounts of Bitcoin (BTC), Ethereum (ETH), Tron (TRX), Optimism (OP), and Polygon (POL, formerly MATIC).
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
What is SushiSwap? DEX & Sushi Token Animated Explainer
Another blockchain security firm, Slowmist, estimated that the stolen assets consist of over $14 million in ETH, $2.5 million in POL, $2.4 million in TRX, $1.4 million in BTC, and nearly $900,000 in OP. In total, over 150 suspicious transactions have been linked to this breach.
Slowmist added that their analysis indicates the breach most likely occurred within the withdrawal system.
Upon discovering the attack, Indodax shut down its web and mobile platforms for a thorough system inspection. The crypto exchange reassured its users that their assets, both in cryptocurrencies and Indonesian Rupiah, remain safe. Their translated statement reads:
We appreciate your patience and trust. We are doing this process to ensure the security and comfort of your transactions. We will provide further updates as soon as the investigation is complete.
Indodax has grown rapidly in recent years. The platform now boasts 28.52 million users, up from 9.9 million in 2021. It recorded a 24-hour trading volume of $11.5 million shortly before the attack occurred.
As the investigation continues, the Indodax community awaits further updates on the restoration of operations and the steps the crypto exchange will take to prevent future breaches.
In other news, scammers are using Solana's "Permanent Delegate" token extension to burn users' tokens shortly after they've been purchased.