The North Korea-linked attacker who targeted WazirX converted the majority of the stolen $230 million in user assets into ether worth a total of $200 million.
This exploit significantly impacted WazirX’s liquidity and listed token prices, with the exchange’s WRX token dropping by 40% in the last 24 hours.
WazirX said that despite having five signatories from the exchange on a wallet storing user assets, the attack triggered an incompatibility between a digital interface and a major crypto wallet.
The North Korea-linked exploiter who stole $230 million from Indian cryptocurrency exchange WazirX said on Friday that he converted most of the loot into ETH. Blockchain tracker Lookonchain said:
As of Friday morning, the exploiter holds 59,097 ETH, worth $200 million at current prices, as well as $15 million in various alternative tokens.
Hackers often use mixing services like Tornado Cash, which mask transactional activity by converting tokens into ether, facilitating money laundering.
As of Friday morning, almost all tokens listed on WazirX were trading at a steep discount to their global and local prices, a sign of poor liquidity and intense selling pressure.
(QueenX)
The bitcoin/rupee trading pair has fallen by 22% in the last 24 hours compared to other local exchanges like CoinDCX and Zebpay where prices have fallen by 2%. The shiba inu/rupee pair has fallen by 30%.
WazirX’s own WRX token has fallen by 40% in the last 24 hours. Meanwhile, trading volume on the exchange has risen to $8 million in the last 24 hours, compared to $2.2 million on Wednesday.
WazirX faced a security breach in one of its multisig wallets on Thursday, which resulted in the withdrawal of more than $100 million worth of shiba inu (SHIB) and $52 million worth of ether, among other assets, from the exchange. The stolen funds accounted for more than 45% of the exchange’s total reserves as stated in its June 2024 report, effectively dampening hopes for a recovery among users.
Why did you keep your 50% funds in one wallet? It’s over for you. Lazarus group. They already sold and cashed it out. They leave no stone unturned.
— Rayan Hassan (@rayanhassan96) July 18, 2024
Despite the fact that five signatories from WazirX were present in a wallet where user assets were stored, the reason why the vulnerability was eventually triggered was said to be an “incompatibility” between a digital interface and a major crypto wallet.
“During the cyberattack, there was a mismatch between the information displayed in Liminal’s interface and what was actually signed,” the exchange explained in a post. “We suspect the payload was modified to transfer wallet control to an attacker.”
The story continues
However, some in the Indian crypto community have expressed distrust over this statement.
“There are 6 people out there, still need 4 more to confirm it was hacked and blame game,” Pankaj Tanwar, a popular crypto YouTuber, said on X. “This bug will do unimaginable damage to #Crypto in India.”
“How is that good security? What kind of compliance is there on exchanges?” said @studybitcoin21, who runs the Bitcoin podcast.
Crypto and fiat withdrawals from WazirX have been temporarily suspended.
Bitcoin 
Ethereum 
XRP 
Tether 
Solana 
BNB 
Dogecoin 
USDC 
Cardano 
Lido Staked Ether 
TRON 
Avalanche 
Sui 
Wrapped stETH 
Chainlink 
Toncoin 
Shiba Inu 
Stellar 
Wrapped Bitcoin 
Hedera 
Polkadot 
WETH 
Bitcoin Cash 
Uniswap 
Pepe 
LEO Token 
Litecoin 
Hyperliquid 
Bitget Token 
Wrapped eETH 
NEAR Protocol 
Internet Computer 
Ethena USDe 
USDS 
Aptos 
Aave 
Mantle 
Bittensor 
Virtuals Protocol 
POL (ex-MATIC) 
Cronos 
Ethereum Classic 
Render 
VeChain 
Artificial Superintelligence Alliance 
MANTRA 
Tokenize Xchange 
Arbitrum 
Ethena 
WhiteBIT Coin