Indian cryptocurrency exchange WazirX has halted all withdrawals after experiencing a significant security breach. The incident, which involved one of its multisig wallets, resulted in the theft of over $230 million. Blockchain experts Zachxbt and Mudit Gupta have been providing insights into the nature and sophistication of the hack.
Major Security Breach Halts WazirX Withdrawals
On July 18, WazirX, a leading cryptocurrency exchange in India, announced that it had detected a security breach in one of its multisig wallets. In response to this incident, the exchange has temporarily halted all withdrawals of Indian Rupees (INR) and cryptocurrencies. The WazirX team is actively investigating the breach to ensure the safety of users’ assets.
Investigators Trace the Stolen Funds
Blockchain investigator Zachxbt has been closely tracking the movements of the stolen funds, totalling over $230 million. According to his analysis, the initial exploiter address conducted test transactions using SHIB on July 10 and received multiple deposits from Tornado Cash, indicating a well-planned and sophisticated attack. Zachxbt suspects that the hack might be linked to the notorious Lazarus Group, given the complexity and organization of the attack.
Expert Analysis Points to a Methodical Attack
Mudit Gupta, a blockchain security researcher, also provided insights into the breach. He noted that the hackers had been preparing for the attack at least eight days before its execution. The attackers managed to upgrade the multisig to a malicious version, allowing them to drain the wallet.
Gupta believes the attackers likely compromised two out of four private keys directly and obtained the remaining two via signature phishing through a compromised user interface or wallet. This methodical approach suggests the involvement of sophisticated and organized attackers, potentially linked to the Democratic People’s Republic of Korea (DPRK).
The Aftermath and Future Precautions
The breach has sparked widespread concern within the crypto community, with users criticizing WazirX for the security lapse. The exchange has promised to be transparent with its findings as the investigation progresses. Meanwhile, the incident underscores the critical need for robust security measures and constant vigilance in the cryptocurrency industry.