skip to Main Content
bitcoin
Bitcoin (BTC) $ 98,175.30 5.43%
ethereum
Ethereum (ETH) $ 3,494.95 6.69%
tether
Tether (USDT) $ 1.00 0.19%
xrp
XRP (XRP) $ 2.32 8.65%
bnb
BNB (BNB) $ 696.61 3.98%
solana
Solana (SOL) $ 198.37 9.41%
dogecoin
Dogecoin (DOGE) $ 0.336882 10.80%
usd-coin
USDC (USDC) $ 1.00 0.21%
cardano
Cardano (ADA) $ 0.944553 9.35%
staked-ether
Lido Staked Ether (STETH) $ 3,492.55 6.67%

Unpacking the WazirX Hack: What Happened and How Much Crypto is Lost

WazirX, the largest Indian cryptocurrency exchange, was hit by a security breach in one of its multisig wallets on Thursday.

The incident resulted in the loss of over $230 million from the multisig wallet.

Over $230 Million Stolen in WazirX Breach

The company announced the attack in a post on X:

According to Arkham Intelligence, the attacker stole approximately $102.1 million in SHIB (Shiba Inu) tokens, which have now been fully sold off. According to Elliptic data, the breach also involved the theft of $52.6 million in Ether, $11 million of Matic, and $7.6 million of Pepe.

These stolen assets represent more than 45 percent of the total reserves reported by WazirX as of June 2024, reducing hopes for the recovery of user funds.

Lookonchain noted that the WazirX hacker has converted most of the stolen assets into 43,800 ETH, valued at $149.46 million, and currently holds 59,097 ETH, worth $201.67 million. The hacker also deposited 7.7 million DENT, valued at $7,300, into a Binance deposit address that had not been used before.

Approximately $15 million in assets remain, including 1.66 billion DENT worth $1.56 million, 6.76 million CHR  worth $1.72 million, 78.6 million CELR worth $1.12 million, and 958,428 FRONT worth $909,000.

What Caused The WazirX Breach?

WazirX’s preliminary findings reveal that the cyber attack resulted from a discrepancy between the data displayed on Liminal’s interface and the actual transaction details. WazirX suspects that the payload may have been manipulated to transfer control of the wallet to the attacker.

However, some members of the Indian crypto community are skeptical of this explanation. “There are six people, needing four to verify, yet it still got hacked, and now there’s a blame game,” commented Pankaj Tanwar, a well-known crypto YouTuber, on X. He added that this incident will harm Crypto in India more than anyone can imagine.

The company’s report also states that the breached wallet was operated using Liminal’s digital asset custody and wallet infrastructure, which has been in place since February 2023. The wallet was controlled by a multisig arrangement with six signatories: five from WazirX and one from Liminal.

“A policy to whitelist destination addresses was also in place to enhance security. These whitelisted addresses were earmarked and facilitated on the interface by Liminal; consequently, the WazirX team had the ability to initiate transactions to the said whitelisted addresses.”

WazirX added that they had implemented robust security features, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy, which they acknowledged the hacker managed to bypass.

The post Unpacking the WazirX Hack: What Happened and How Much Crypto is Lost appeared first on CryptoPotato.

Loading data ...
Comparison
View chart compare
View table compare
Back To Top