Indian cryptocurrency exchange WazirX “India Ka Bitcoin Exchange” confirmed it was hit by a security breach that led to the theft of $230 million ((roughly Rs. 1,924 crore) in cryptocurrency assets, nearly half its reserves. These stolen assets represent more than 45 percent of the total reserves reported by the exchange in June 2024.
WazirX primarily caters to the Indian market and is considered one of the country’s few Financial Intelligence Units (FIUs) registered exchanges in the country.
The company said, “A cyber attack occurred in one of our multi-signature wallets, resulting in over $230 million loss. This wallet has been using Liminal’s digital asset custody and wallet infrastructure since February 2023.”
The breach affected one of WazirX’s multisig wallets, causing a significant loss of user funds.
WazirX acknowledged the breach on X (formerly Twitter), saying, “We’re aware of a security breach in one of our multi-sig wallets. Our team is actively investigating. To ensure the safety of your assets, INR and crypto withdrawals are temporarily paused. Thank you for your patience and understanding. We’ll keep you updated.”
WazirX claimed it was “taking all necessary steps to protect customer assets” after this major cyber-attack on one of its wallets.
Who are the Hackers?
WazirX shared with Gadgets360 how the cyber attack happened on Thursday. They said one of their multisig wallets, managed by six signatories (five from WazirX and one from Liminal), was attacked. There was a mismatch between Liminal’s displayed data and the actual transaction, likely allowing the attacker to take control.
Despite using security features like the Gnosis Safe multi-sig platform and Liminal’s allowlisting policy, the incident occurred. WazirX has paused withdrawal and deposit services. Mudit Gupta, Polygon’s chief information security officer, told Gadgets360 there is an “80 percent” chance that North Korean hackers were involved.
The hacker is selling stolen tokens, including $100 million in Shiba Inu and $52 million in Ether, on the decentralized exchange Uniswap. WazirX has shared the affected wallet address: 0x27fD43BABfbe83a81d14665b1a6fB8030A60C9b4.
Blockchain data shows that attackers are trying to sell their assets on the decentralized exchange Uniswap. Risk-management platform Elliptic said the hackers might be linked to North Korea. Lookchain, a third-party blockchain explorer, reported that over 200 cryptocurrencies were stolen from the platform. This included 5.43 billion SHIB, 15,200 Ethereum, 20.5 million Matic, 640 billion Pepe, 5.79 million USDT, and 135 million Gala tokens.
How Users Might Not Lose Funds Due to WazirX's Insurance
WazirX users might not lose any funds because the platform has insurance. All WazirX wallets on the Liminal platform remain secure and protected. The malicious transactions occurred from outside the Liminal platform. The Liminal team is assisting WazirX with their investigation, following strict security protocols
WazirX is prioritizing users as their security is crucial for any insurance company. Apart from this, As a crypto user you must take care of your safety. Various service porviders and platforms like Web3Shield takes care and secure your transactions & valuable assets.
Conclusion
In India, while cryptocurrency transactions and gains are taxed, the government doesn’t fully recognize blockchain-based assets. This lack of recognition means users affected by hacks or cyber attacks often need more support.
WazirX is protecting your assets by temporarily pausing INR and crypto withdrawals. They’ll keep you updated with more information. To further protect your assets and secure your transactions from fraud, try Web3Shield and live freely!