WazirX Cryptocurrency Exchange Suffers Major Security Breach

WazirX 加密貨幣交易所遭遇重大安全漏洞

Early Thursday morning, Indian cryptocurrency exchange WazirX fell victim to a significant security breach, resulting in the loss of over $230 million in user funds, as reported by Todayq News.

根據 Todayq News 報導，週四凌晨，印度加密貨幣交易所 WazirX 遭遇重大安全漏洞，導致用戶資金損失超過 2.3 億美元。

Following the breach, blockchain analysis firm Elliptic suggested that North Korean hackers, potentially linked to the Lazarus Group, were likely responsible for the attack.

事件發生後，區塊鏈分析公司 Elliptic 表示，可能與 Lazarus Group 有聯繫的北韓駭客可能對此攻擊負責。

Stolen Funds and Exchange Response

資金被盜和交易所反應

The stolen assets account for over 45% of WazirX's $500 million holdings, according to a disclosure made in June 2024. At the time of reporting, the exchange's live proof of reserve site was undergoing maintenance, further complicating transparency for affected users.

根據 2024 年 6 月的揭露，被盜資產佔 WazirX 5 億美元資產的 45% 以上。

The breach targeted a multisignature wallet, requiring multiple private keys for transaction approval. WazirX confirmed the incident on social media platform X, stating that their team is actively investigating the breach. To safeguard user assets, the exchange has temporarily suspended all INR and crypto withdrawals.

該漏洞針對的是多重簽名錢包，需要多個私鑰才能進行交易批准。 WazirX 在社群媒體平台 X 上證實了這起事件，並表示他們的團隊正在積極調查這起外洩事件。為了保護用戶資產，交易所暫時停止所有印度盧比和加密貨幣提現。

Wallet Management and Security Questions

錢包管理與安全問題

Initially, WazirX named Liminal, a crypto custody firm, as the provider of the compromised wallet. However, this post was later deleted after Liminal clarified that the affected wallets were created outside its ecosystem, raising questions about the security protocols and oversight involved in managing WazirX's wallets.

最初，WazirX 將加密貨幣託管公司 Liminal 指定為受感染錢包的提供者。然而，在 Liminal 澄清受影響的錢包是在其生態系統之外創建後，這篇文章後來被刪除，引發了有關管理 WazirX 錢包的安全協議和監督的問題。

Types of Stolen Assets

被盜資產的類型

The stolen funds consisted of various cryptocurrencies, with blockchain data from Lookonchain indicating that over $100 million worth of Shiba Inu (SHIB) tokens were withdrawn, representing the most significant loss. Other notable losses include $52 million in Ether (ETH), $11 million in Matic's MATIC tokens, and $6 million in Pepe (PEPE) tokens.

被盜資金包括各種加密貨幣，Lookonchain 的區塊鏈數據顯示，價值超過 1 億美元的 Shiba Inu (SHIB) 代幣被撤回，這是最嚴重的損失。其他顯著損失包括 5,200 萬美元的以太幣 (ETH)、1,100 萬美元的 Matic 的 MATIC 代幣以及 600 萬美元的 Pepe (PEPE) 代幣。

Update: Asset Liquidation and Regulatory Response

更新：資產清算和監管反應

Transactional data reveals that the attacker is liquidating the stolen assets through the on-chain exchange Uniswap. The exploiter still holds over $4.2 million in FLOKI tokens. This rapid liquidation could impact market stability, particularly for the affected tokens.

交易數據顯示，攻擊者正在透過鏈上交易所 Uniswap 清算被盜資產。該漏洞利用者仍持有超過 420 萬美元的 FLOKI 代幣。這種快速清算可能會影響市場穩定性，尤其是受影響的代幣。

The Indian Financial Ministry has remained silent regarding the attack and its potential implications for the country's crypto ecosystem. This silence highlights the challenges and risks associated with the relatively unregulated crypto market in India.

印度財政部對此攻擊及其對該國加密生態系統的潛在影響保持沉默。這種沉默凸顯了印度相對不受監管的加密貨​​幣市場所面臨的挑戰和風險。

Trading Activity and Takeaways

交易活動和要點

Despite the security breach, WazirX processed $2.2 million in trading volumes over the past 24 hours, primarily in Tether (USDT) stablecoins and XRP. This activity demonstrates the continued demand for crypto trading services.

儘管存在安全漏洞，WazirX 在過去 24 小時內處理了 220 萬美元的交易量，主要是 Tether (USDT) 穩定幣和 XRP。這項活動顯示了對加密貨幣交易服務的持續需求。

The breach underscores the urgent need for robust security measures and regulatory frameworks to protect users in the crypto industry. As WazirX works to address the breach and secure its platform, the incident serves as a stark reminder of the vulnerabilities that persist in the digital currency realm.

這次洩漏凸顯了迫切需要強有力的安全措施和監管框架來保護加密產業的用戶。在 WazirX 致力於解決漏洞並保護其平台的同時，該事件清楚地提醒人們數位貨幣領域中持續存在的漏洞。