Recently, blockchain security firm Cyvers Alert reported a significant security breach at the Indian exchange WazirX, resulting in the loss of approximately $235 million. The firm’s system detected multiple suspicious transactions involving WazirX’s Safe Multisig wallet on the Ethereum network, in which a total of $234.9M in funds was transferred to a new address. It was noted that the caller of each transaction had been funded through Tornado Cash.
According to blockchain analyst Lookonchain, the stolen assets included a variety of cryptocurrencies such as 5.43 trillion SHIB tokens valued at $102 million, 15,298 ETH worth $52.5 million, 20.5 million MATIC valued at $11.24 million, 640.27 billion $PEPE worth $7.6 million, 5.79 million USDT, and 135 million GALA valued at $3.5 million. The attacker was reported to be selling and converting these assets to ETH.
WazirX confirmed the incident on July 18, disclosing that one of its multisig wallets had been breached and that the loss was undisclosed. The platform announced that, to ensure the safety of assets, both INR and crypto withdrawals would be temporarily paused.
WazirX, one of the largest crypto trading platforms in India, is now facing the consequences of this security breach. The incident adds to the challenges the platform has faced, including a public dispute over its ownership structure in the past year. The exchange’s founder, Nischal Shetty, claimed that Binance had acquired WazirX, a claim vehemently denied by Binance’s former CEO, Changpeng Zhao.
Cyvers suggested that the North Korea-backed hacking group Lazarus might be linked to the attack on WazirX. Deddy Lavid, co-founder and CEO of Cyvers Alert, pointed out that the use of Tornado Cash to fund the transactions reflected similar methods used in previous high-profile attacks. While it is premature to definitively attribute the incident to the Lazarus Group, the similarities are raising concerns.
In recent years, Lazarus Group has gained notoriety as one of the most prominent hacking groups targeting the cryptocurrency industry. Their sophisticated techniques and potential connection to state-sponsored activities make them a formidable threat to the security of crypto exchanges and platforms.
The security breach at WazirX highlights the ongoing challenges and risks faced by cryptocurrency exchanges in maintaining the integrity and security of their platforms. This incident underscores the importance of robust security measures and constant vigilance in the face of evolving cyber threats.