Unpacking the WazirX Hack: What Happened and How Much Crypto is Lost
WazirX, the largest Indian cryptocurrency exchange, was hit by a security breach in one of its multisig wallets on Thursday.
The incident resulted in the loss of over $230 million from the multisig wallet.
Over $230 Million Stolen in WazirX Breach
The company announced the attack in a post on X:
At WazirX, our commitment to transparency and community welfare is paramount. There was a cyber attack on one of our multisig wallets. Below are the preliminary findings to clarify the situation:
» Incident Overview: A cyber attack occurred in one of our multisig wallets…
— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 18, 2024
According to Arkham Intelligence, the attacker stole approximately $102.1 million in SHIB (Shiba Inu) tokens, which have now been fully sold off. According to Elliptic data, the breach also involved the theft of $52.6 million in Ether, $11 million of Matic, and $7.6 million of Pepe.
These stolen assets represent more than 45 percent of the total reserves reported by WazirX as of June 2024, reducing hopes for the recovery of user funds.
Lookonchain noted that the WazirX hacker has converted most of the stolen assets into 43,800 ETH, valued at $149.46 million, and currently holds 59,097 ETH, worth $201.67 million. The hacker also deposited 7.7 million DENT, valued at $7,300, into a Binance deposit address that had not been used before.
The #WazirX exploiter has exchanged most of the assets for 43,800 $ETH($149.46M) and currently holds 59,097 $ETH($201.67M).
Currently, there are ~$15M assets left. Including:
1.66B $DENT ($1.56M)
6.76M $CHR ($1.72M)
78.6M $CELR ($1.12M)
958,428 $FRONT ($909K)
…It is worth… pic.twitter.com/MX9uvt3BpV
— Lookonchain (@lookonchain) July 19, 2024
Approximately $15 million in assets remain, including 1.66 billion DENT worth $1.56 million, 6.76 million CHR worth $1.72 million, 78.6 million CELR worth $1.12 million, and 958,428 FRONT worth $909,000.
What Caused The WazirX Breach?
WazirX’s preliminary findings reveal that the cyber attack resulted from a discrepancy between the data displayed on Liminal’s interface and the actual transaction details. WazirX suspects that the payload may have been manipulated to transfer control of the wallet to the attacker.
However, some members of the Indian crypto community are skeptical of this explanation. “There are six people, needing four to verify, yet it still got hacked, and now there’s a blame game,” commented Pankaj Tanwar, a well-known crypto YouTuber, on X. He added that this incident will harm Crypto in India more than anyone can imagine.
The company’s report also states that the breached wallet was operated using Liminal’s digital asset custody and wallet infrastructure, which has been in place since February 2023. The wallet was controlled by a multisig arrangement with six signatories: five from WazirX and one from Liminal.
“A policy to whitelist destination addresses was also in place to enhance security. These whitelisted addresses were earmarked and facilitated on the interface by Liminal; consequently, the WazirX team had the ability to initiate transactions to the said whitelisted addresses.”
WazirX added that they had implemented robust security features, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy, which they acknowledged the hacker managed to bypass.
The post Unpacking the WazirX Hack: What Happened and How Much Crypto is Lost appeared first on CryptoPotato.