WazirX: WazirX Suffers Security Breach; $235 Million in Funds Moved

Cryptocurrency platform Italian: suffered the largest cyber attack on an Indian exchange, with hackers reportedly stealing $203 million in investor holdings, or more than 40% of the platform’s estimated reserves. Blockchain experts have discovered evidence of the Lazarus cybercriminal group, allegedly backed by the North Korean government, behind the attack. Lazarus is known for carrying out the world’s largest attacks on a cryptocurrency exchange in the past, where the attacked party was unable to recover the funds because the attackers did not engage in negotiations.

Improve your technology skills with high-value skills courses

“We are aware that one of our multisig wallets has suffered a security breach“, WazirX said in a statement. “Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily suspended,” it said without revealing the extent of the attack or naming the possible attackers.

“Some preliminary investigations conducted by researchers suggest that the Lazarus group is behind the attack,” Aditya Singh, a cryptocurrency observer and influencer, told ET. “If true, the bad news is that they are not cooperative, will never be held legally accountable, and are efficient at laundering money.”

Lazarus has attacked cryptocurrency exchanges and mining marketplaces like Bithumb, Youbit, and Nicehash in the past, he said. Youbit filed for bankruptcy after 17% of its assets were stolen. “WazirX freezing 50% of its assets is a pretty serious situation,” Singh said.

Market observers believe the incident has the potential to trigger a ripple effect for the Indian cryptocurrency sector, which had just begun to recover from a long winter.

Mudit Gupta, a blockchain security researcher and head of cybersecurity at OxPolygon Labs, wrote on the X microblogging site: “RIP WazirX. Get ready for another ‘crypto ban’ in India. Centralized exchanges are literally the opposite of decentralized finance and cryptocurrencies, but politicians will use this hack to sling mud at cryptocurrencies. If you don’t understand it, ban it.”

Meanwhile, Liminal Custody, the wallet custody service provider of WaxirX, said that no breach has occurred within its ecosystem.

“Our preliminary investigations show that one of the self-custody multisig smart contract wallets created outside of the Liminal ecosystem has been compromised,” he said in a statement. “We can confirm that the Liminal platform has not been breached and that Liminal infrastructure, wallets, and assets continue to remain secure.”

To contain the panic, WazirX rivals, including CoinDCX and Mudrex, issued warnings claiming that investors’ money was safe in their wallets.

“The security of our wallet remains solid,” CoinDCX co-founder and CEO Sumit Gupta wrote in a post on X.

“This incident highlights the importance of ongoing monitoring and robust compliance frameworks to protect investors and ensure the integrity of the cryptocurrency ecosystem,” Mudrex CEO Edul Patel said in a statement. “Our codebase is undergoing thorough scrutiny and a multi-layered review to ensure our technology infrastructure is immune to such exploits.”

According to estimates by research firm Esya Centre, the total value of cryptocurrencies held by Indian centralized exchanges amounts to $13.38 billion.

According to its latest proof of reserve report, WazirX held $503 million in assets, up 79% from January 2024.

The breach was first discovered by Web3 Security Company Cyvers. “Several suspicious transactions” involving WazirX’s Safe Multisig wallet on Ethereum have been detected, it said.

According to Cyvers’ post on X, $234.9 million of funds in the Safe Multisig wallet are believed to have been transferred to a new address, with the caller of each transaction funded by tornado cash, a fully decentralized protocol for private transactions on Ethereum.

Fuente