WazirX Cryptocurrency Exchange Suffers Major Security Breach

WazirX 加密货币交易所遭遇重大安全漏洞

Early Thursday morning, Indian cryptocurrency exchange WazirX fell victim to a significant security breach, resulting in the loss of over $230 million in user funds, as reported by Todayq News.

据 Todayq News 报道，周四凌晨，印度加密货币交易所 WazirX 遭遇重大安全漏洞，导致用户资金损失超过 2.3 亿美元。

Following the breach, blockchain analysis firm Elliptic suggested that North Korean hackers, potentially linked to the Lazarus Group, were likely responsible for the attack.

事件发生后，区块链分析公司 Elliptic 表示，可能与 Lazarus Group 有联系的朝鲜黑客可能对此次攻击负责。

Stolen Funds and Exchange Response

资金被盗和交易所反应

The stolen assets account for over 45% of WazirX's $500 million holdings, according to a disclosure made in June 2024. At the time of reporting, the exchange's live proof of reserve site was undergoing maintenance, further complicating transparency for affected users.

根据 2024 年 6 月的披露，被盗资产占 WazirX 5 亿美元资产的 45% 以上。截至报告发布时，该交易所的实时储备证明网站正在进行维护，这使得受影响用户的透明度进一步复杂化。

The breach targeted a multisignature wallet, requiring multiple private keys for transaction approval. WazirX confirmed the incident on social media platform X, stating that their team is actively investigating the breach. To safeguard user assets, the exchange has temporarily suspended all INR and crypto withdrawals.

该漏洞针对的是多重签名钱包，需要多个私钥才能进行交易批准。 WazirX 在社交媒体平台 X 上证实了这一事件，并表示他们的团队正在积极调查此次泄露事件。为了保护用户资产，交易所暂时停止所有印度卢比和加密货币提现。

Wallet Management and Security Questions

钱包管理和安全问题

Initially, WazirX named Liminal, a crypto custody firm, as the provider of the compromised wallet. However, this post was later deleted after Liminal clarified that the affected wallets were created outside its ecosystem, raising questions about the security protocols and oversight involved in managing WazirX's wallets.

最初，WazirX 将加密货币托管公司 Liminal 指定为受感染钱包的提供商。然而，在 Liminal 澄清受影响的钱包是在其生态系统之外创建后，这篇文章后来被删除，引发了有关管理 WazirX 钱包的安全协议和监督的问题。

Types of Stolen Assets

被盗资产的类型

The stolen funds consisted of various cryptocurrencies, with blockchain data from Lookonchain indicating that over $100 million worth of Shiba Inu (SHIB) tokens were withdrawn, representing the most significant loss. Other notable losses include $52 million in Ether (ETH), $11 million in Matic's MATIC tokens, and $6 million in Pepe (PEPE) tokens.

被盗资金包括各种加密货币，Lookonchain 的区块链数据显示，价值超过 1 亿美元的 Shiba Inu (SHIB) 代币被撤回，这是最严重的损失。其他显着损失包括 5200 万美元的以太币 (ETH)、1100 万美元的 Matic 的 MATIC 代币以及 600 万美元的 Pepe (PEPE) 代币。

Update: Asset Liquidation and Regulatory Response

更新：资产清算和监管反应

Transactional data reveals that the attacker is liquidating the stolen assets through the on-chain exchange Uniswap. The exploiter still holds over $4.2 million in FLOKI tokens. This rapid liquidation could impact market stability, particularly for the affected tokens.

交易数据显示，攻击者正在通过链上交易所 Uniswap 清算被盗资产。该漏洞利用者仍持有超过 420 万美元的 FLOKI 代币。这种快速清算可能会影响市场稳定性，尤其是受影响的代币。

The Indian Financial Ministry has remained silent regarding the attack and its potential implications for the country's crypto ecosystem. This silence highlights the challenges and risks associated with the relatively unregulated crypto market in India.

印度财政部对此次攻击及其对该国加密生态系统的潜在影响保持沉默。这种沉默凸显了印度相对不受监管的加密货币市场所面临的挑战和风险。

Trading Activity and Takeaways

交易活动和要点

Despite the security breach, WazirX processed $2.2 million in trading volumes over the past 24 hours, primarily in Tether (USDT) stablecoins and XRP. This activity demonstrates the continued demand for crypto trading services.

尽管存在安全漏洞，WazirX 在过去 24 小时内处理了 220 万美元的交易量，主要是 Tether (USDT) 稳定币和 XRP。这一活动表明了对加密货币交易服务的持续需求。

The breach underscores the urgent need for robust security measures and regulatory frameworks to protect users in the crypto industry. As WazirX works to address the breach and secure its platform, the incident serves as a stark reminder of the vulnerabilities that persist in the digital currency realm.

此次泄露凸显了迫切需要强有力的安全措施和监管框架来保护加密行业的用户。在 WazirX 致力于解决漏洞并保护其平台的同时，该事件清楚地提醒人们数字货币领域中持续存在的漏洞。