North Korean hackers behind WazirX’s $230M security breach?

WazirX Cryptocurrency Exchange Suffers Major Security Breach

Early Thursday morning, Indian cryptocurrency exchange WazirX fell victim to a significant security breach, resulting in the loss of over $230 million in user funds, as reported by Todayq News.

Following the breach, blockchain analysis firm Elliptic suggested that North Korean hackers, potentially linked to the Lazarus Group, were likely responsible for the attack.

Stolen Funds and Exchange Response

The stolen assets account for over 45% of WazirX's $500 million holdings, according to a disclosure made in June 2024. At the time of reporting, the exchange's live proof of reserve site was undergoing maintenance, further complicating transparency for affected users.

The breach targeted a multisignature wallet, requiring multiple private keys for transaction approval. WazirX confirmed the incident on social media platform X, stating that their team is actively investigating the breach. To safeguard user assets, the exchange has temporarily suspended all INR and crypto withdrawals.

Wallet Management and Security Questions

Initially, WazirX named Liminal, a crypto custody firm, as the provider of the compromised wallet. However, this post was later deleted after Liminal clarified that the affected wallets were created outside its ecosystem, raising questions about the security protocols and oversight involved in managing WazirX's wallets.

Types of Stolen Assets

The stolen funds consisted of various cryptocurrencies, with blockchain data from Lookonchain indicating that over $100 million worth of Shiba Inu (SHIB) tokens were withdrawn, representing the most significant loss. Other notable losses include $52 million in Ether (ETH), $11 million in Matic's MATIC tokens, and $6 million in Pepe (PEPE) tokens.

Update: Asset Liquidation and Regulatory Response

Transactional data reveals that the attacker is liquidating the stolen assets through the on-chain exchange Uniswap. The exploiter still holds over $4.2 million in FLOKI tokens. This rapid liquidation could impact market stability, particularly for the affected tokens.

The Indian Financial Ministry has remained silent regarding the attack and its potential implications for the country's crypto ecosystem. This silence highlights the challenges and risks associated with the relatively unregulated crypto market in India.

Trading Activity and Takeaways

Despite the security breach, WazirX processed $2.2 million in trading volumes over the past 24 hours, primarily in Tether (USDT) stablecoins and XRP. This activity demonstrates the continued demand for crypto trading services.

The breach underscores the urgent need for robust security measures and regulatory frameworks to protect users in the crypto industry. As WazirX works to address the breach and secure its platform, the incident serves as a stark reminder of the vulnerabilities that persist in the digital currency realm.