WazirX, a prominent Indian crypto exchange, was hacked for $230 million, representing 45% of its AUM (assets under management).
On-chain analysis reveals the hack was carried out by the infamous North Korean Lazarus group. The hack originated from the exchange’s multisig wallets getting breached. It held 200 kinds of digital assets, including SHIB, ETH, USDT, MATIC, PEPE, and more.
1 took to X to announce the unfortunate hack, “We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident.”
https://x.com/WazirXIndia/status/1813843289940058446
The exchange has paused withdrawals until further notice, “To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused.”
Blockchain investigation firm Elliptic connected the hack to North Korean origins, “On-chain analysis and other information reviewed by Elliptic indicates that this hack was perpetrated by hackers affiliated with North Korea.”
ZachXBT, an independent blockchain investigator, shared the same belief, stating on X, “All I can say is the WazirX hack has the potential markings of a Lazarus Group attack (yet again).”
https://x.com/zachxbt/status/1813896375597490177
Tarun Mangukiya, the co-founder of Copperx, mentioned that WazirX had probably signed a transaction on a phishing contract, leading to the North Korean hackers accessing its multisig wallet.
“@WazirXIndia upgraded Safe Implementation Skeleton with phishing one (in last 8 days).”
Questions arise about how numerous people in the WazirX team signed a transaction that let hackers commit a phishing attack. Multisig wallets are often considered highly secure because multiple participants sign transactions.
Lazarus Group, by committing this hack, adds another high-profile attack to its portfolio. It has wreaked havoc in the crypto space since 2017 and conducted other well-known hacks as early as 2010.
The North Korean outfit was also responsible for the Ronin bridge hack, resulting in losses of $650 million.
Disclaimer: The information provided is not trading advice, Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.