WazirX, one of India’s top cryptocurrency exchanges with about 1.6 crore users, faced a major attack by alleged North Korea-linked hackers on Thursday.
What Happened: The hack has reportedly resulted in unauthorised withdrawals of various tokens amounting to around $235 million (about ₹1,966 crore) from its customers’ wallets.
Consequently, WazirX temporarily halted all withdrawals in rupees and cryptocurrencies, as announced on its X (formerly Twitter) account.
The affected wallet, managed by six signatories — five from WazirX and one from Liminal — required approvals from multiple parties and used advanced security measures, including ledger hardware wallets and whitelisted addresses, the company said in another X post. However, attackers exploited a mismatch in transaction data, transferring control to themselves, it added.
Liminal, on its part, said its platform has not been breached and its infrastructure, wallets and assets continue to remain safe. “Our preliminary investigations show that one of the self custody multi-sig smart contract wallets created outside of the Liminal ecosystem has been compromised,” the company said.
See Also: Reliance Shares Down Ahead Of Q1 Print: Here’s What To Expect
“Despite us taking all necessary steps to protect the customer assets, the cyber attackers appear to have possibly breached such security features, and the theft occurred,” the company said. “This is a force majeure event beyond our control, but we are leaving no stone unturned to locate and recover the funds. We have already blocked a few deposits and reached out to concerned wallets for recovery. We are in touch with the best resources to help us in this endeavor.”
North Korean Perpetrators? Elliptic, a global cryptocurrency analytics and compliance firm, identified North Korean hackers as the perpetrators behind the attack on WazirX.
Elliptic’s analysis revealed that WazirX lost about $235 million worth of crypto assets in the breach, involving more than 200 different assets.
The lost assets included nearly $97 million (₹811 crore) in Shibu Inu crypto coins, $52.6 million (₹440 crore) in Ether and $11 million (₹92 crore) in Matic. The hackers had already swapped several of these tokens for Ether using various decentralised services, which is a common initial step in the laundering process.
Elliptic’s on-chain analysis and other reviewed information indicated that the hack was carried out by hackers affiliated with North Korea.
Don't miss a beat on the share market. Get real-time updates on top stock movers and trading ideas on Benzinga India Telegram channel.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.