Hackers Swindle Crypto’s Worth Millions From Wazirx
In a major security breach WazirX a major Indian crypto exchange suffered a huge blow when hackers stole cryptos worth millions from the wallets of the said exchange. The security breach has sent shock waves down the investors.Investors and Crypto exchange CEOs are in a shock after this incident.This incident is an eye opener for these exchanges whose tall claims have fallen flat .This is not a single incident of its kind but there have been many instances when funds worth crores were siphoned off and investors were left high and dry.
The news about theft was broken by Wazir x on its twitter handle citing different technical reasons of the theft. The statement wrote as follows,”We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We’ll keep you posted with further updates.
In an another statement Wazirx through its twitter handle gave a brief explanation about the incident,
Incident Overview: A cyber attack occurred in one of our multisig wallets involving a loss of funds exceeding $230 million. This wallet was operated utilizing the services of Liminal’s digital asset custody and wallet infrastructure from February 2023. » Wallet Configuration and Breach Mechanics: The wallet had six signatories—five from our WazirX team and one from Liminal, who were responsible for transaction verification’s.
A transaction typically requires approval from three of the WazirX signatories (all three of whom use Ledger Hardware Wallets for security), followed by the final approval from Liminal’s signatory. A policy to whitelist destination addresses was also in place to enhance security. These whitelisted addresses were earmarked and facilitated on the interface by Liminal; consequently, the WazirX team had the ability to initiate transactions to the said whitelisted addresses. » Nature of the Cyber Attack: The cyber attack stemmed from a discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents.
During the cyber attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. We suspect the payload was replaced to transfer wallet control to an attacker. » Security Measures and Response: We had robust security features, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy.
Despite us taking all necessary steps to protect the customer assets, the cyber attackers appear to have possibly breached such security features, and the theft occurred. This is a force majeure event beyond our control, but we are leaving no stone unturned to locate and recover the funds. We have already blocked a few deposits and reached out to concerned wallets for recovery. We are in touch with the best resources to help us in this endeavor. While these are our findings from our preliminary investigation, we will keep you posted with further updates. Together with your support, we shall overcome this challenge and emerge stronger and more resilient than ever.
Conclusion;
Wazirx is one of the primitive exchanges which had trust of millions of investors .But the this security breach is going to dent the image of all exchanges in India and investors will tread very carefully now to safeguard their hard earned money.