Tech
WazirX: WazirX Suffers Security Breach; $235 Million in Funds Moved
Cryptocurrency platform Italian: suffered the largest cyber attack on an Indian stock exchange, with hackers stealing more than $230 million in investor holdings, or nearly half of the platform’s estimated reserves.
Blockchain experts have pointed to the possible involvement of the Lazarus cybercrime group behind the attack. Lazarus, allegedly backed by the North Korean government, is known for carrying out the world’s largest attacks on cryptocurrency exchanges in the past, where the attacked party was unable to recover the funds because the attackers did not engage in negotiations.
Improve your technology skills with high-value skills courses
| MIT xPRO | MIT Technology Leadership and Innovation | Visit |
| Indian School of Economics | ISB Product Management | Visit |
| Indian School of Economics | Professional Certificate in Product Management | Visit |
In a statement released Thursday evening, WazirX confirmed that one of its multisig wallets had suffered a cyberattack, resulting in a loss of funds exceeding $230 million. “This wallet has been operated using Liminal’s digital asset custody services and wallet infrastructure since February 2023.”
According to WazirX’s preliminary investigation, “The cyberattack stemmed from a discrepancy between the data displayed on the Liminal interface and the actual content of the transaction. During the cyberattack, there was a discrepancy between the information displayed on the Liminal interface and what was actually signed. We suspect that the payload was replaced to transfer control of the wallet to an attacker,” it said.
Withdrawals in rupees and cryptocurrencies on the platform are temporarily suspended, it said.
However, Liminal Custody, the wallet custody service provider of WaxirX, said that no breach has occurred within its ecosystem.
Discover the stories that interest you
“Our preliminary investigations show that one of the self-custody multisig smart contract wallets created outside of the Liminal ecosystem has been compromised,” it said in a statement. “We can confirm that the Liminal platform has not been breached and that the Liminal infrastructure, wallets, and assets continue to remain secure.” WaxirX did not name any hackers.
According to Aditya Singh, a cryptocurrency observer and influencer, preliminary investigations by researchers have suggested the involvement of the Lazarus Group. “If true, the bad news is that they are not cooperative, will never be held legally accountable, and are efficient at laundering,” he told ET.
Lazarus has attacked cryptocurrency exchanges and mining marketplaces like Bithumb, Youbit, and Nicehash in the past, he said. Youbit filed for bankruptcy after 17% of its assets were stolen. “WazirX freezing 50% of its assets is a pretty serious situation,” Singh said.
Market observers believe the incident has the potential to trigger a ripple effect for the Indian cryptocurrency sector, which had just begun to recover from a long winter.
Mudit Gupta, a blockchain security researcher and head of cybersecurity at OxPolygon Labs, wrote on the X microblogging site, “RIP WazirX. Get ready for another ‘crypto ban’ in India. Centralized exchanges are literally the opposite of decentralized finance and cryptocurrencies, but politicians will use this hack to sling mud at cryptocurrencies. If you don’t understand it, ban it.”
CoinSwitch, an exchange that has investments in WazirX, said that the funds of the former’s clients are safe. Ashish Singhal, co-founder and group CEO at PeepalCo, CoinSwitch’s parent company, said: “We are aware of the recent security breach on the WazirX platform. We want to assure our users that their funds on CoinSwitch are safe and have not been affected by this incident.”
To contain the panic, WazirX rivals, including CoinDCX and Mudrex, issued warnings claiming that investors’ funds were safe in their wallets.
“The security of our wallet remains solid,” CoinDCX co-founder and CEO Sumit Gupta wrote in a post on X.
“This incident highlights the importance of ongoing monitoring and robust compliance frameworks to protect investors and ensure the integrity of the cryptocurrency ecosystem,” Mudrex CEO Edul Patel said in a statement. “Our codebase is undergoing thorough scrutiny and a multi-layered review to ensure our technology infrastructure is immune to such exploits.”
According to estimates by research firm Esya Centre, the total value of cryptocurrencies held by Indian centralized exchanges amounts to $13.38 billion.
According to its latest proof of reserve report, WazirX held $503 million in assets, up 79% from January 2024.
The breach was first discovered by Web3 Security Company Cyvers. “Several suspicious transactions” involving WazirX’s Safe Multisig wallet on Ethereum have been detected, it said.