On Thursday, July 18, 2024, the Indian cryptocurrency exchange WazirX experienced a major security breach, resulting in the loss of over $235 million in user funds.
According to reports, the incident involved the compromise of one of WazirX’s multi-signature (multisig) wallets on the Ethereum network. Cybersecurity firm Cyvers Alert detected “multiple suspicious transactions” that led to the movement of $234.9 million in funds to a new address.
The stolen assets included a significant amount of Shiba Inu (SHIB) tokens, worth over $100 million, as well as Ether (ETH), Matic (MATIC), Pepe (PEPE), and other digital assets. The exploiter is actively selling and converting the stolen funds on the decentralized exchange Uniswap.
In response to the breach, WazirX has temporarily suspended all cryptocurrency deposits and withdrawals to ensure the safety of user assets. The exchange has also stated that its team is actively investigating the incident.
Interestingly, Cyvers Alert has suggested that the North Korea-backed hacking group Lazarus may be behind the attack, citing the use of Tornado Cash, a privacy-focused protocol, to obfuscate the transactions. However, the link to Lazarus has not been definitively confirmed.
With Inputs from agencies
| 
