Greetings!
Almost $28M were stolen this week across 5 incidents. Indonesian exchange, Indodax, accounts for the majority of these losses with a $25M hot wallet hack across Bitcoin, Tron, Ethereum, Polygon, and Optimism chains. No additional information is available on the exact attack vector of the compromise, but luckily the exchange was able to halt further losses from its $400M vault.
FBI published a report on the state of crypto-related fraud. According to the report, crypto-related losses exceeded $5.6B in 2023 (a 45% increase) which is half of total reported financial fraud losses processed by the agency. At the same time 69K+ crypto related complaints constitute only 10% of total complaints. I’ve previously noted this outsized impact per incident in a talk at DSS last year and concerned that these numbers will continue attracting bad actors for easy profits.
The premium section below contains details analysis and indicators for Indodax, Caterpillar (CUT), OTSEA, and other compromises.
To gain access to comprehensive vulnerability write-ups, post-mortems, exploit proof of concepts (PoCs), attacker addresses, and additional data regarding this week’s compromises, please subscribe to the premium plan below.
Let’s dive into the news and enjoy this rad Darknet Diaries remix!