Gairika Mitra
WazirX, an Indian crypto exchange, faced a security breach and lost more than $230 million on Thursday. The breach impacted one of the exchange’s wallets, resulting in the loss of significant user funds, including about $100 million in SHIB.
WazirX posted on X to announce the breach at noon local time:
“Update: We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We’ll keep you posted with further updates,” it said.
A WazirX spokesperson pointed The Shib Daily to the X post when asked for comments on the hack.
The hacker’s wallet at one point held $100 million in SHIB alone, data from crypto social network 0xPPL showed. But that amount has reduced as the hacker continued to move funds. Screenshot below:
A user on X with the handle @Sabrx0 highligted several tokens held in the alleged hacker’s wallet. Significant quantities held include 5.33 trillion SHIB, 15.3 thousand ETH, and 13 million MATIC. Screenshot below:
Mudit Gupta (@Mudit__Gupta), chief information security officer at Polygon Labs, revealed on X that “their safe multisig was compromised and drained. The hackers started practising the hack onchain at least 8 days ago and finally executed it today. It’s a very methodical and organized attack, pointing towards DPRK as the hacker.”
He added that the hackers didn’t choose to drain as draining takes time and the hackers perhaps didn’t have access to all the required private keys. They likely compromised 2 out of 4 private keys directly and the two remaining were signature-phished via a UI/Wallet compromise.
He concluded by saying that the exact paths depend on how the keys were custodied, which are likely to be a combination of two compromised private keys and malware devices with access to the keys.
Security platform Cyvers believes that North Korea-backed hacker group Lazarus might be involved in the attack. Deddy Lavid, co-founder and CEO of Cyvers, told CryptoSlate that using TornadoCash for the transactions bears resemblance to tactics observed in previous well-known attacks. He added that although it’s still too early to directly attribute this event to the infamous hacker group, the parallels are troubling.
WazirX has more than 15 million registered users. It added 600,000 users last year alone. SHIB was listed on WazirX in 2021.
Read More
- Web3 Innovator AIRian Announces AIR Token Listing on Multiple Exchanges
- Trump’s Crypto Play: How Digital Assets Are Shaping the 2024 US Presidential Election
- Exclusive: Shiba Eternity Poised to Usher in New Era of Blockchain Gaming on Shibarium
Gairika holds positions in BTC. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.
