Unpacking the WazirX Hack: What Happened and How Much Crypto is Lost
WazirX suffered a breach, losing over $100M in SHIB, $52M in ETH, and other assets, totaling 45% of its reserves.
WazirX, the largest Indian cryptocurrency exchange, was hit by a security breach in one of its multisig wallets on Thursday.
The incident resulted in the loss of over $230 million from the multisig wallet.
Over $230 Million Stolen in WazirX Breach
The company announced the attack in a post on X:
According to Arkham Intelligence, the attacker sto le approximately $102.1 million in SHIB (Shiba Inu) tokens, which have now been fully sold off. According to Elliptic data, the breach also involved the theft of $52.6 million in Ether, $11 million of Matic, and $7.6 million of Pepe.
These stolen assets represent more than 45 percent of the total reserves reported by WazirX as of June 2024, reducing hopes for the recovery of user funds.
Lookonchain noted that the WazirX hacker has converted most of the stolen assets into 43,800 ETH, valued at $149.46 million, and currently holds 59,097 ETH, worth $201.67 million. The hacker also deposited 7.7 million DENT, valued at $7,300, into a Binance deposit address that had not been used before.
Approximately $15 million in assets remain, including 1.66 billion DENT worth $1.56 million, 6.76 million CHR worth $1.72 million, 78.6 million CELR worth $1.12 million, and 958,428 FRONT worth $909,000.
What Caused The WazirX Breach?
WazirX’s preliminary findings reveal that the cyber attack resulted from a discrepancy between the data displayed on Liminal’s interface and the actual transaction details. WazirX suspects that the payload may have been manipulated to transfer control of the wallet to the attacker.
However, some members of the Indian crypto community are skeptical of this explanation. “There are six people, needing four to verify, yet it still got hacked, and now there’s a blame game,” commented Pankaj Tanwar, a well-known crypto YouTuber, on X. He added that this incident will harm Crypto in India more than anyone can imagine.
The company’s report also states that the breached wallet was operated using Liminal’s digital asset custody and wallet infrastructure, which has been in place since February 2023. The wallet was controlled by a multisig arrangement with six signatories: five from WazirX and one from Liminal.
“A policy to whitelist destination addresses was also in place to enhance security. These whitelisted addresses were earmarked and facilitated on the interface by Liminal; consequently, the WazirX team had the ability to initiate transactions to the said whitelisted addresses.”
WazirX added that they had implemented robust security features, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy, which they acknowledged the hacker managed to bypass.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
3 Best Solana Meme Coins to Buy Now – No Mans Land, FreeDum Fighters, Popcat (SOL)
Bitget Spot Bot adds MERL/USDT
We are pleased to announce that Bitget spot bot has now added: MERL/USDT. Reference 1. Spot grid 2. Crash course on Spot Grid Disclaimer Despite high growth potential, cryptocurrencies still face high risks and volatility. You are strongly advised to do your own research as you invest at your own r