Business
WazirX Experiences $230 Million Security Breach Linked to North Korea
Discover the shocking details behind WazirX’s $230 million security breach, linked to North Korean hackers. Explore the implications for cryptocurrency security and what this means for users and investors in the digital currency market.
WazirX Security Breach: $230 Million Linked to North Korea Exploiter
In a shocking revelation, it has come to light that a North Korea-linked exploiter successfully siphoned off approximately $230 million from the Indian cryptocurrency exchange WazirX. According to blockchain tracker Lookonchain, the exploiter has predominantly converted the stolen assets into ether (ETH), currently holding over 59,097 ETH, which amounts to about $200 million at prevailing prices, along with another $15 million in various alternative tokens.
Hackers frequently convert illicitly obtained tokens into ether to utilize mixing services like Tornado Cash, which obscure transactional histories and facilitate the laundering of stolen funds. As of Friday morning, nearly all tokens available on WazirX were trading at substantial discounts compared to their global and local counterparts, indicating severe liquidity issues and intense selling pressure.
- The bitcoin/rupee trading pair plummeted by 22% in the last 24 hours, in stark contrast to other local exchanges such as CoinDCX and Zebpay, where prices saw a more modest decline of 2%.
- The shiba inu/rupee pair experienced a staggering drop of 30%.
- WazirX’s own WRX token fell by 40% within the same timeframe.
Interestingly, despite these alarming figures, trading volumes on WazirX surged to $8 million in the past 24 hours, a significant increase from $2.2 million reported on Wednesday. The exchange suffered a severe security breach on Thursday, resulting in over $100 million worth of shiba inu (SHIB) and $52 million in ether, along with other digital assets, being drained from its wallets. This theft represented more than 45% of the total reserves disclosed by the exchange in a report from June 2024, severely undermining any prospects of recovery for affected users.
WazirX attributed the exploit to a “mismatch” between a digital interface and a major crypto wallet, which ultimately facilitated the unauthorized withdrawal of assets, despite the presence of five signers from WazirX on the wallet that held user funds. The exchange stated, “During the cyber attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. We suspect the payload was replaced, allowing an attacker to gain control of the wallet.”
However, members of the Indian cryptocurrency community have expressed skepticism regarding this explanation. Pankaj Tanwar, a well-known crypto YouTuber, remarked on X, “With six people involved, needing only four to verify, yet we still got hacked? This blame game will irreparably damage #Crypto in India.”
Another user, identified as @studybitcoin21, who runs a Bitcoin podcast, questioned the security measures in place, stating, “How is this considered good security? What level of compliance is operational among exchanges?”
As a precautionary measure, WazirX has temporarily paused all crypto and fiat withdrawals following this incident.