As a seasoned researcher with extensive experience in the cryptocurrency industry, I find the WazirX breach to be a concerning development that underscores the importance of robust security measures and transparency in the crypto space.
On Thursday, a security incident occurred at WazirX, the leading cryptocurrency exchange in India, affecting one of their multisignature wallets.
The incident resulted in the loss of over $230 million from the multisig wallet.
Over $230 Million Stolen in WazirX Breach
The company announced the attack in a post on X:
At WazirX, prioritizing transparency and serving the community’s best interests is our top priority. Unfortunately, we recently experienced a cyber attack that targeted one of our multisignature wallets. To provide clarity on this matter, below are our initial findings:
» Incident Overview: A cyber attack occurred in one of our multisig wallets…
— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 18, 2024
Based on Arkham Intelligence’s findings, an individual is reported to have pilfered around $102.1 million worth of SHIB (Shiba Inu) tokens, which have since been entirely liquidated. As per Elliptic’s data, the security breach also resulted in the loss of $52.6 million in Ether, $11 million of Matic, and $7.6 million of Pepe.
Over 45% of WazirX’s reported reserves from June 2024 were found to be stolen assets, diminishing optimism regarding the return of users’ funds.
According to Lookonchain’s analysis, the WazirX hacker has transformed a large portion of the stolen funds into 43,800 Ether, equivalent to around $149.46 million. Currently, the hacker possesses approximately 59,097 Ether, which amounts to roughly $201.67 million. Additionally, the hacker transferred 7.7 million DENT, worth about $7,300, into a Binance wallet that had previously remained inactive.
The individual who exploited WazirX has converted the majority of their ill-gotten gains into approximately 43,800 Ether (worth around $149.46 million) and now possesses roughly 59,097 Ether ($201.67 million in value).
At present, the balance amounts to approximately $15 million remaining. This consists of:
It is worth…
— Lookonchain (@lookonchain) July 19, 2024
Around $15 million in total assets remain, which is made up of approximately $1.56 million in DENT (equivalent to 1.66 billion units), around $1.72 million in CHR, about $1.12 million in CELR, and roughly $909,000 worth of FRONT.
What Caused The WazirX Breach?
The initial investigation by WazirX has uncovered that the cyber attack was caused by a mismatch between the data shown on Liminal’s platform and the true transaction details. WazirX is of the belief that the attacker may have tampered with the payload to seize control of the wallet.
Some individuals within the Indian cryptocurrency community express doubt over this justification. As Pankaj Tanwar, a prominent crypto YouTuber, put it regarding X, “We have six people required to authenticate, but it was still breached. Now, there’s finger-pointing.” Tanwar further warned that the consequences of this occurrence for crypto in India could be severe and underestimated.
According to the company’s report, the hacked digital wallet functioned using Liminal’s custodial and wallet system, which has been active since February 2023. This wallet was governed by a multisignature agreement involving six keys: five belonged to WazirX and one to Liminal.
“I noticed that there was a policy in place to allow list certain trusted destination addresses for enhanced security. These approved addresses were marked and made accessible through Liminal’s interface. Consequently, our team at WazirX had the power to initiate transactions only to these pre-approved addresses.”
As a crypto investor using WazirX, I can assure you that they have taken significant steps to enhance security. They’ve integrated the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy. However, despite these robust measures, a hacker was able to bypass their security system.
Read More
- W PREDICTION. W cryptocurrency
- PENDLE PREDICTION. PENDLE cryptocurrency
- AEVO PREDICTION. AEVO cryptocurrency
- AAVE PREDICTION. AAVE cryptocurrency
- REF PREDICTION. REF cryptocurrency
- CCT PREDICTION. CCT cryptocurrency
- ALCX PREDICTION. ALCX cryptocurrency
- BCH PREDICTION. BCH cryptocurrency
- KAS PREDICTION. KAS cryptocurrency
- SDEX PREDICTION. SDEX cryptocurrency
2024-07-19 17:18