Cyvers Alert, a blockchain security firm, recently reported that the Indian exchange WazirX fell victim to an exploit, resulting in the loss of approximately $235 million. The firm’s system detected multiple suspicious transactions involving WazirX’s Safe Multisig wallet on the Ethereum network, in which a total of $234.9 million worth of funds was moved to a new address. The caller of each transaction was identified as having been funded through Tornado Cash.
According to a report by blockchain analyst Lookonchain, the assets stolen in the WazirX exploit included 5.43 trillion SHIB tokens valued at $102 million, 15,298 ETH worth $52.5 million, 20.5 million MATIC valued at $11.24 million, 640.27 billion PEPE worth $7.6 million, 5.79 million USDT, and 135 million GALA with a value of $3.5 million. The report also mentioned that the attacker was selling these assets and converting them into ETH.
In response to the security breach, WazirX confirmed the incident in a post on July 18, stating that one of its multisig wallets had been compromised and that an undisclosed sum had been lost. The platform assured its users that the safety of their assets was a top priority and, as a security measure, temporarily paused both INR and crypto withdrawals.
Background on WazirX
WazirX is recognized as one of the largest crypto trading platforms in India. The platform made headlines last year due to a public dispute over its ownership structure. Founder Nischal Shetty claimed that Binance had acquired WazirX, while former Binance CEO Changpeng Zhao vehemently denied these allegations. This controversy raised questions about the exchange’s transparency and corporate governance practices.
Potential Culprit
Cyvers Alert hinted at the involvement of the North Korea-backed hacking group Lazarus in the WazirX exploit. Co-founder and CEO Deddy Lavid expressed concerns about the use of Tornado Cash to fund transactions, suggesting similarities to tactics employed in previous high-profile cyberattacks. While it’s too early to conclusively link the incident to the Lazarus Group, the parallels are troubling. Over the years, Lazarus Group has gained notoriety for targeting the cryptocurrency industry with sophisticated cybercrime tactics.
Overall, the exploitation of WazirX highlights the persistent challenges faced by cryptocurrency exchanges in safeguarding user funds and maintaining trust in the digital asset ecosystem. The incident underscores the importance of robust security measures, continuous monitoring of suspicious activities, and proactive response strategies to mitigate the risk of cyber threats.