Hackers Holdings
Sep 5 · 3 min read


What happened:

On August 5th, a hacker or a group of hackers hacked our CEO’s personal account at IDAX that holds more than 100 million FAS, and dumped them all into the market causing the price of FAS to plunge by more than 90%.

As many of you are already well aware, one of our biggest accounts at IDAX recently got hacked and the hacker sold more than 100 million FAS into the market, making the price of the token plummet to a point where it becomes unrecoverable. When we first raised this incident to IDAX staff, their initial reaction was a denial without even looking into the details of the incident, so we asked them to provide IP addresses and how the hacker or a group of hackers could have hacked our CEO’s Google 2FA. And that’s when they started investigating and admitted that there was a data breach. Later it appeared that there were several login records from Russia.

But until now, IDAX still insists it’s the “account” that got hacked and not IDAX.

Don’t the users’ accounts belong to IDAX? aren’t those accounts part of IDAX system? Just by looking at this utterly ignorant response from this IDAX staff, we could simply imagine how unprofessional and irresponsible they are when dealing with incidents. What can users expect from IDAX when the exchange is so irresponsible and indifferent to such a major incident as hacking?

For the last three weeks ever since IDAX said they would investigate, they haven’t provided any outcomes or results and just kept saying the matter is under investigation without giving us proactive update (they only responded when we asked for an update) Moreover, IDAX blocked some users’ accounts without giving them any notification, an activity deemed illegal in traditional assets market.

At present, we believe that the hack was committed by an insider at IDAX and below are the two reasons why we believe so:

1) Our CEO couldn’t log into his account on the day his account got hacked and kept receiving an error message when entering an authentication code of his Google 2FA.

However, Google 2FA is a very secure software and it’s not possible to reset Google 2FA without going through a KYC process required by an exchange. So, that means it’s highly likely that a malicious employee at IDAX could have reset our CEO’s 2FA, logged into his account, sold all his tokens, and transferred them all to hacker’s wallets.

2) IDAX is acting passive in investigating into this matter. Our technicians as well as outside experts have confirmed that it wouldn’t take a day or two to find out the cause of the hacking. However, IDAX hasn’t provided any outcome of the investigation and locked users’ accounts for the last THREE WEEKS and kept us waiting without ANY update.

We have already encountered numerous issues working with IDAX ever since we signed a contract to list last year, and now we have absolutely NO trust in this scam exchange anymore.

We highly encourage our community members to LEAVE IDAX asap and move funds to somewhere safe such as Binance, Bitfinex, and etc.

Below is the list of articles explaining about IDAX being shady and scamming other projects.

Hackers Holdings
Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade