In a significant cybersecurity incident on July 18, 2024, WazirX, a prominent Indian cryptocurrency exchange, fell victim to a wallet exploit resulting in the unauthorized transfer of more than $230 million worth of crypto assets. The attack, which targeted the exchange’s multisig wallet on the Ethereum network, has sent shockwaves through the crypto community and led to substantial market volatility for affected tokens.
According to The Block’s report, security firm Blocksec says the exploit likely stemmed from a private key compromise. The attacker managed to upgrade the implementation of the Safe Wallet to a malicious contract, enabling them to drain the funds. Yajin Zhou, co-founder of Blocksec, explained that the leaked private keys were used to upgrade a safe multi-sig wallet holding a large number of assets to a malicious contract, which was then used to drain most of the assets in the Safe Wallet.
WazirX has acknowledged the security breach and has temporarily paused all withdrawals, including both cryptocurrency and Indian Rupee (INR), as they investigate the incident. The exchange stated that their team is actively working to understand and address the situation.
The stolen funds, now moved to a new address, include a diverse range of cryptocurrencies. On-chain data reveals that over $100 million in Shiba Inu (SHIB) was taken, along with 15,290 ETH (valued at approximately $52 million), and 20 million MATIC tokens (worth about $11 million). Additionally, the hacker made off with 640 billion PEPE tokens ($7.5 million), 5.7 million USDT, and 135 million GALA ($3.5 million).
The market impact of this hack has been swift and significant. WazirX’s native token, WRX, has experienced a sharp decline, trading 15% lower at around 14 cents. In rupee terms, the price has plummeted by more than 25% since the exchange confirmed the hack.
Other affected cryptocurrencies are also feeling the impact. SHIB has lost over 6% in U.S. dollar terms and is down 16% in rupee terms, as blockchain data suggests the attacker is actively liquidating the stolen coins. This selling pressure is likely contributing to SHIB’s declining market value.
Interestingly, while some tokens have remained relatively stable in dollar terms, they’ve suffered significant losses in WazirX’s INR trading pairs. The bitcoin-rupee (BTC/INR) pair, for instance, has declined by 11% to 5.1 million rupees ($60,945) on WazirX, trading at a substantial discount compared to rival exchange CoinDCX, where it was priced at 5.7 million rupees.
The USDT-INR pair on WazirX has also seen an 8% decrease. These discounts across various cryptocurrencies on WazirX likely reflect panic selling by investors and a rush to secure fiat currency in the wake of the hack.
Update on 7:10 a.m. UTC on 19 July 2024:
WazirX has issued an update regarding the recent cyber attack on one of its multisig wallets, resulting in a loss of over $230 million. The wallet, which utilized Liminal’s digital asset custody services, had six signatories: five from WazirX and one from Liminal. Transactions required approval from three WazirX signatories using Ledger Hardware Wallets, followed by Liminal’s signatory. Despite a policy to whitelist destination addresses, a discrepancy between data displayed on Liminal’s interface and the actual transaction contents allowed the attacker to transfer wallet control. WazirX suspects the payload was replaced during the signing process.
WazirX emphasized that they had implemented robust security measures, including the Gnosis Safe multi-sig smart contract platform and Liminal’s whitelisting policy. However, these were possibly breached, leading to the theft. The company is actively seeking to recover the stolen funds, having already blocked some deposits and reached out to concerned wallets. They are working with top resources and security experts to address the situation. WazirX pledges to provide ongoing updates and reassure the community of its commitment to overcoming this challenge and emerging stronger.
And blockchain analytics service “Spot on Chain” says the hacker has swapped almost $150 million in altcoins for Ether, likely aiming to prevent the funds from being frozen or blacklisted. The transfers have increased the total amount of stolen funds held in Ether to $201 million, up from the initial $52 million.
Featured Image via Pixabay