What happened and how much cryptography is lost

WazirX, India’s largest cryptocurrency exchange, was hit by a security breach in one of its multisig wallets on Thursday.

The incident resulted in the loss of more than $230 million from the multisig portfolio.

Over $230 million stolen in WazirX breach

The company announced the attack in a post on X:

At WazirX, our commitment to transparency and community well-being is paramount. There was a cyber attack on one of our multisig wallets. Below are the preliminary findings to clarify the situation:

» Incident Overview: A cyber attack has occurred on one of our multisig wallets…

— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 18, 2024

According to Arkham Intelligence, the attacker stole approximately $102.1 million in SHIB (Shiba Inu) tokens, which have now been completely sold. According to data from Elliptic, the breach also involved the theft of $52.6 million from Ether, $11 million from Matic and $7.6 million from Pepe.

These stolen assets represent more than 45 percent of total reserves reported by WazirX as of June 2024, reducing hopes of recovering user funds.

Lookonchain noted that hacker WazirX has converted most of the stolen assets into 43,800 ETH, valued at $149.46 million, and currently holds 59,097 ETH, worth $201.67 million. The hacker also deposited 7.7 million DENT, valued at $7,300, into a previously unused Binance deposit address.

The #WazirX operator has exchanged most of the assets for 43,800 $ETH($149.46M) and currently has 59,097 $ETH($201.67 million).

Currently, approximately $15 million in assets remain. Includes:
1.66B $DENT ($1.56 million)
6.76 million $CHR ($1.72 million)
78.6 million $CELR ($1.12 million)
958,428 $ FRONT ($909,000)
…

Is it worth it… pic.twitter.com/MX9uvt3BpV

— Lookonchain (@lookonchain) July 19, 2024

Approximately $15 million in assets remain, including 1.66 billion DENT worth $1.56 billion, 6.76 billion CHR worth $1.72 billion, 78.6 million CELR worth $1.12 billion, and 958,428 FRONT worth of $909,000.

What caused the WazirX breach?

WazirX’s preliminary findings reveal that the cyber attack was the result of a discrepancy between the data displayed on Liminal’s interface and the actual transaction details. WazirX suspects that the payload may have been manipulated to transfer control of the wallet to the attacker.

However, some members of the Indian crypto community are skeptical of this explanation. “There are six people, who need four to verify, but they still got hacked, and now there is a blame game,” Pankaj Tanwar, a well-known crypto YouTuber, told X. He added that this incident will hurt Crypto more in India than anyone can imagine.

The company’s report also states that the breached wallet was operated using Liminal’s digital asset custody and wallet infrastructure, which has been in operation since February 2023. The wallet was controlled by a multi-sig agreement with six signatories: five from WazirX and one from Liminal.

“A policy for whitelisting destination addresses had also been established to improve security. These whitelisted addresses were assigned and provided to the interface by Liminal; consequently, the WazirX team had the ability to initiate transactions to addresses mentioned in the whitelist.”

WazirX added that they had implemented robust security features, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy, which they acknowledged the hacker managed to circumvent.

SPECIAL OFFER (Sponsored) Binance Free $600 (Exclusive to CryptoPotato): Use this link to register a new account and receive an exclusive welcome offer of $600 to Binance (full details).

2024 LIMITED OFFER on BYDFi Exchange – Up to $2888 Welcome Reward, Use this link to register and open a 100 USDT-M position for free!