Potential North Korean involvement suspected in cyber attack on Indexed Finance treasury

An alleged cybercriminal affiliated with North Korea may be responsible for the recent attack on Indexed Finance’s treasury, according to on-chain investigator ZachXBT.

The attack took place on November 18 and targeted the remnants of Indexed Finance, a decentralized protocol for passive portfolio management on the Ethereum network. This protocol had previously suffered a $16 million attack earlier in the year.

Laurence Day, a member of the Indexed Finance team, revealed that the hacker initiated a proposal in an attempt to gain control over the protocol’s treasury, which held $36,000 in DAI and nearly $48,000 in NDX, the governance token for Indexed Finance at the time.

However, upon discovering the hostile proposal, community members who still held NDX tokens responded by voting against the attack. As of now, the vote count stands at 413,000 against the proposal and 402,000 in favor. Despite successfully repelling the attack, the price of NDX dropped by almost 14% to $0.01 following the news.

ZachXBT noted that the hacker behind this incident also attempted a similar attack on Relevant, a news-sharing and discussion platform. In a post on November 19, ZachXBT revealed that the hacker has alleged ties to North Korea, as their wallet was previously funded by Alex Chon, an IT worker from North Korea who has been dismissed from multiple positions due to suspicious behavior. It is currently unclear whether the hacker succeeded in their efforts, as no public statement has been made regarding the incident.

Indexed Finance had previously fallen victim to a flash loan attack in 2021, resulting in a loss of $16 million worth of cryptocurrency. Andean Medjedovic, a graduate of the University of Waterloo, was later charged with stealing crypto from Indexed Finance in a civil lawsuit. However, authorities have been unable to locate him despite issuing an arrest warrant over a year ago.