Indian Crypto Exchange WazirX Suffers Second-Largest Crypto Hack of 2024: $234.9 Million in Crypto Stolen

icon쿠코인 뉴스
공유
Copy

On Thursday, July 18, 2024, Indian cryptocurrency exchange WazirX detected a severe security breach involving its Safe Multisig wallet on the Ethereum network. The breach resulted in unauthorized transfers of approximately $234.9 million worth of digital assets to a new address, according to a report from Cointelegraph.

 

Quick Take 

  • WazirX's Safe Multisig wallet on Ethereum has been compromised, resulting in the transfer of over $230 million worth of crypto assets, including SHIB, ETH, and MATIC. 

  • In response, WazirX pauses all withdrawals to protect user funds.

  • Both Cyvers and ZachXBT are actively investigating the breach.

 

Cyvers’ alert about WazirX hack | Source: X 

 

The security breach was first reported by Web3 security firm Cyvers. According to Cyvers, the funds were transferred from WazirX’s wallet to a new address, which had been funded by Tornado Cash, a decentralized protocol known for private transactions.

 

List of crypto assets stolen in WazirX hack | Source: LookOnChain on X

 

The moved funds included a mix of Shiba Inu (SHIB), Tether (USDT), Pepe (PEPE), and Gala (GALA), which were subsequently swapped into Ether (ETH).

 

Further Analysis by ZachXBT: Over $100M SHIB Stolen

On-chain investigator ZachXBT provided additional insights into the wallet's holdings. According to ZachXBT, the suspected primary attacker still holds significant amounts of various cryptocurrencies, including:

 

WazirX’s Response

Source: WazirX on X 

 

In response to the breach, WazirX has temporarily suspended all cryptocurrency and INR withdrawals on the platform to safeguard user assets. In an official X post, the exchange acknowledged the incident, stating:

 

"We are aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused."

 

Potential Links to High-Profile Hacks

The breach's association with Tornado Cash has raised concerns about the attack's potential links to high-profile hacking groups. Deddy Lavid, CEO of Cyvers, noted similarities between this breach and previous attacks attributed to the notorious Lazarus Group, a North Korean state-sponsored hacking collective.

 

Both Cyvers and ZachXBT are actively monitoring the situation. The compromised funds' swift movement and conversion into different digital assets suggest an attempt to launder the stolen assets.

 

Broader Implications for the Crypto Market

This breach marks the second-largest crypto hack of 2024, following the DMM Bitcoin security breach in May. The incident highlights the growing need for robust security measures in the crypto industry, especially for exchanges handling large volumes of digital assets.

 

Conclusion

As WazirX actively investigates the breach, it's still early to determine whether the stolen funds can be fully recovered or if user funds have been affected.  The full impact of the breach remains uncertain and users are advised to stay informed through official updates from WazirX as the situation develops. 

 

면책조항: 이 페이지의 정보는 타사로부터 확보한 것일 수 있으며 쿠코인의 관점 또는 의견을 반드시 반영하지 않습니다. 이 콘텐트는 일반적인 참고용 정보이며 어더한 종류의 진술이나 보증이 아닙니다. 또한 재무적 또는 투자적 자문을 구성해서는 안됩니다. 쿠코인은 어떠한 오류 또는 생략, 이 정보의 사용으로 인한 결과에 대해 책임을 지지 않습니다. 디지털 자산 투자는 위험할 수 있습니다. 본인의 재무 상황에 근거하여 상품의 위험과 본인의 위험성향을 신중히 평가하세요. 자세한 정보는 쿠코인의 이용약관위험 공시를 참고하세요.
관련 토픽 더 보기
16