Cyvers Alert, a blockchain security firm, recently reported a significant security breach at the Indian exchange WazirX. According to Cyvers, their system detected multiple suspicious transactions involving WazirX’s Safe Multisig wallet on the ETH network, resulting in a total loss of $234.9 million. The funds were moved to a new address, with each transaction’s caller being funded by Tornado Cash.
Blockchain analyst Lookonchain revealed that the stolen assets included 5.43 trillion SHIB tokens, valued at $102 million, 15,298 ETH worth $52.5 million, 20.5 million MATIC worth $11.24 million, 640.27 billion $PEPE worth $7.6 million, 5.79 million USDT, and 135 million GALA worth $3.5 million. The attacker was reported to be selling and converting these assets to ETH.
In response to the security breach, WazirX confirmed in a post on July 18 that one of its multisig wallets had been compromised, leading to the loss of an undisclosed sum. The crypto trading platform assured its users that the incident was under active investigation, and as a precautionary measure, both INR and crypto withdrawals would be temporarily paused to ensure the safety of assets.
Implications for WazirX
WazirX, known as one of the largest crypto trading platforms in India, has faced previous controversies over its ownership structure. A public dispute arose last year when founder Nischal Shetty claimed that Binance had acquired the exchange, a statement that was vehemently denied by Binance’s former CEO, Changpeng Zhao. The recent security breach at WazirX has raised concerns about the platform’s safety and security protocols.
Cyvers Alert, the blockchain security firm, suggested that the North Korea-backed hacker group Lazarus might be linked to the attack on WazirX. Deddy Lavid, the Co-founder & CEO of Cyvers Alert, highlighted the use of TornadoCash in funding the transactions, which is a method previously associated with high-profile hacking incidents. Although it is early to establish a direct connection to Lazarus Group, the similarities in tactics are alarming.
Rise of Lazarus Group in Cyber Attacks
In recent years, Lazarus Group has gained notoriety as one of the most prominent hacking groups targeting the crypto industry. Their sophisticated techniques and association with state-sponsored entities raise concerns about the security of cryptocurrency exchanges and platforms worldwide. The involvement of Lazarus Group in the WazirX security breach underscores the evolving landscape of cyber threats in the digital asset space.
Overall, the breach at WazirX serves as a stark reminder of the importance of robust security measures and constant vigilance in safeguarding digital assets against malicious actors and cyber attacks. Exchanges and platforms must prioritize cybersecurity to protect user funds and uphold the integrity of the crypto ecosystem.
Leave a Reply