- Indonesian authorities arrested a Hacker accused of exploiting Markets.com to steal $398,000 in cryptocurrency.
- The suspect allegedly used scraped national ID data to create fake accounts and manipulated deposit inputs to generate fraudulent USDT balances.
- Law enforcement seized a cold wallet holding approximately $4.2 million in USDT and other assets in the investigation.
- Experts highlight that traditional KYC methods are insufficient to prevent identity-based attacks in crypto platforms.
Indonesian police apprehended a local hacker identified only as HS in Bandung, West Java, for allegedly exploiting a security flaw in the deposit system of the trading platform Markets.com. The breach resulted in a loss of approximately $398,000 in cryptocurrency. This followed a formal complaint by Finalto International Limited, the London-based owner of Markets.com, as reported by local media.
Authorities found that HS created four fake accounts using real Indonesian national ID data scraped from public websites. By manipulating the platform’s input system, the suspect generated false USDT (Tether) balances without proper backend checks. The accounts were made under the names Hendra, Eko Saldi, Arif Prayoga, and Tosin.
Police seized multiple pieces of evidence, including a laptop, a mobile phone, a CPU unit, an ATM card, and a 152-square-meter shophouse in Bandung. They also confiscated a cold wallet holding 266,801 USDT, equivalent to about $4.2 million.
Deputy Cybercrime Director Andri Sudarmadi explained that the vulnerability exploited involved Markets.com’s nominal input system, which accepted deposit amounts without robust validation, enabling fraudulent gains. HS, a computer accessories distributor and crypto trader since 2017, allegedly used his expertise to exploit this flaw.
Cybersecurity consultant David Sehyeon Baek noted the hacker’s use of scraped ID data suggests links to a wider underground data network. He stated, “A lot of exchanges still treat KYC like a checkbox exercise,” highlighting how fake identities can be built easily with leaked data and AI tools. Baek added, “Traditional KYC alone just isn’t enough anymore,” urging platforms to improve monitoring and verification methods.
The suspect faces charges under Indonesia’s cybercrime and anti-money laundering laws, carrying potential penalties of up to 15 years in prison and fines reaching $900,000. For further comment, inquiries were made to Finalto International. More details are available via the original local media report.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- ShadowRay 2.0 Exploits Ray AI Flaw for Crypto Botnet Attack
- Shiba Inu Price Plunges 65.6% Since November 2024 Amid Market Crash
- Nvidia Faces Skepticism as Analysts Warn of AI, Customer Risks
- SoftBank’s PayPay Integrates Payment Rails on Binance Japan
- Indian Rupee Hits 88.76, May Fall to 90 by March 2026
