
Indian Crypto Exchange Wazirx Suspends Withdrawals Amid $230M Security Breach

news.bitcoin.com, 18 July 2024 06:20 UTC

Indian crypto exchange Wazirx has announced a security breach affecting one of its multisig wallets, resulting in the theft of over $230 million. Cryptocurrency and INR withdrawals have been halted as the team investigates the incident, with blockchain investigators Zachxbt and Mudit Gupta offering insights into the sophisticated hack.

Wazirx Security Breach Halts Withdrawals After $230+ Million Hack

Wazirx, a prominent cryptocurrency exchange in India, announced a security breach in one of its multisig wallets on July 18. The company has temporarily halted Indian rupee (INR) and cryptocurrency withdrawals while investigating the incident.

“We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident,” Wazirx wrote on social media platform X on Thursday morning, adding:

“To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused.”

Blockchain investigator Zachxbt has been tracing the movements of over $230 million stolen in the Wazirx breach. “I began tracing the $230M+ Wazirx hack back from the original exploiter address and was able to make some interesting observations,” he shared in his analysis on X. The initial theft address conducted test transactions on July 10 using SHIB and received multiple deposits from Tornado Cash. The tracing revealed several linked transactions, leading to suspicions of a sophisticated and organized attack.

“The BTC appears to come from an unknown service making it difficult to trace. All I can say is the Wazirx hack has the potential markings of a Lazarus Group attack (yet again),” Zachxbt concluded. “Hopefully the Wazirx team will be transparent with their findings. I solved the Arkham bounty where I identified a KYC exchange deposit made by the Wazirx hacker. Unfortunately, this is probably not super helpful as KYC-verified accounts can be easily purchased online for any exchange.”

Blockchain security researcher Mudit Gupta also provided his analysis of the Wazirx hack. “The hackers started practicing the hack onchain at least 8 days ago and finally executed it today,” he described, stating:

“It’s a very methodical and organized attack, pointing towards DPRK as the hacker.”

“The attackers upgraded the multisig to a malicious version that allowed them to drain the multisig,” Gupta explained, adding: “The attackers likely compromised 2 out of 4 private keys directly and the remaining two were signature phished via a UI/Wallet compromise. My bet is on wallet compromise/custody provider compromise.”
