India’s Leading Exchange WazirX Breached By North Korean Hackers, $235 Million In Crypto Stolen

4 months ago 4
ARTICLE AD BOX

North Korean Hacking Group Gathers Over $40 Million In BTC After Prolific Attacks Against Exchange And Wallets

WazirX, an Indian crypto exchange, experienced a security breach on Thursday, resulting in the unauthorized transfer of roughly $235 million worth of crypto assets. The exploiter is actively converting the stolen tokens into Ethereum, and the exchange has already paused rupee and crypto withdrawals.

North Korea Hackers Tied To WazirX Hack

The hack targeted WazirX’s multi-sig wallet on the Ethereum network, potentially due to a private key compromise, and siphoned the assets. Multi-sig wallets are a type of cryptocurrency wallet that requires two or more private keys to authenticate and confirm transactions before processing. Blocksec indicated that to conduct the attack, the hackers needed to upgrade the implementation of this Safe wallet to a malicious contract.

Blockchain data from Lookonchain shows that the perpetrator stole more than $100 million worth of Shiba Inu (SHIB) tokens, the most among lost funds, followed by $52 million in Ethereum (ETH), $11 million in Polygon (MATIC), and $6 million in Pepe (PEPE).

The attacker’s wallet also held $4.7 million FLOKI, $3.2 million Fantom, $2.8 million Chainlink, $2.3 million Fetch.ai (FET), and the remaining assets split between a wide range of other cryptocurrencies. The stolen funds account for approximately 45% of the exchange’s $500 million reserves, as revealed in its June report.

The compromised funds were shifted to an address that actively converted the stolen haul of Tether’s USDT, PEPE, and Gala (GALA) into Ether. Moreover, the exploiter has been selling the crypto holdings via the on-chain exchange Uniswap.

Blockchain sleuth Elliptic says its on-chain analysis found that North Korea-linked hackers conducted today’s high-profile attack on WazirX.

“On-chain analysis and other information reviewed by Elliptic indicates that his hack was perpetrated by hackers affiliated with North Korea,” Elliptic said in a blog post.

Withdrawals Suspended

Wazir has acknowledged the hack incident, explaining that it’s still investigating the malicious transactions and halted all Indian Rupee (INR) and crypto withdrawals. “We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused,” the crypto exchange wrote on X.

This incident is the latest in a series of high-profile crypto exchange exploits that have plagued the sector in recent years.

In March 2022, the Ronin Network was hit with a massive $625 million hack, also believed to be orchestrated by the infamous North Korean hackers. The crypto world was further shaken in November of that year when FTX, once a crypto powerhouse, lost a whopping $650 million in a mega-heist on the same day it filed for bankruptcy.

Read Entire Article