In a major security incident, Indian cryptocurrency exchange WazirX fell victim to a hack that resulted in the theft of around $235 million worth of various digital assets. The breach, which occurred on July 18th, 2024, targeted WazirX’s multisig wallet on the Ethereum network.

Investigators believe the stolen funds were moved to a new address and then partially converted to Ethereum using the Tornado Cash mixing service, a tool often employed to obfuscate the trail of cryptocurrency transactions.

This incident has raised serious concerns about the security of multisig wallets, which are typically considered more secure than traditional wallets because they require multiple signatures to authorize a transaction.

Independent Investigator Tracks Stolen Funds

Independent blockchain investigator ZachXBT, known for his work tracing stolen crypto, has begun tracking the movement of the stolen funds. Through on-chain analysis, ZachXBT identified a series of test transactions on the Ethereum network originating from the suspected hacker address on July 10th. These transactions involved small amounts of SHIB tokens, suggesting potential preparation for the larger attack.

Technical Breakdown of the Attack

Further analysis by blockchain security expert Mudit reveals the attacker may have utilized Tornado Cash to launder a portion of the stolen funds. ZachXBT identified matching deposits and withdrawals involving small amounts of Ethereum, suggesting the use of Tornado Cash’s mixing service.

Traces Lead to Potential Exchange Involvement

By tracing the flow of funds further back, ZachXBT identified a series of transactions in early July that may be linked to the attacker’s source of funds. These transactions involve deposits from an unidentified exchange address, suggesting the attacker may have obtained some of the cryptocurrency used in the test transactions from another platform.

WazirX Suspends Withdrawals and Investigation Continues

In response to the breach, WazirX has temporarily suspended all withdrawals while it investigates the incident. The company has not yet commented on the specifics of the attack or the possibility of North Korean hacker involvement, a claim made by some security analysts.

WazirX Hacker Taunts Ethereum Co-founder

Adding an unusual twist to the incident, the hacker behind the attack reportedly sent a small amount of a newly created token named “I hacked WazirX” to the wallet address of Vitalik Buterin, the co-founder of Ethereum. The purpose of this action remains unclear.

This major security breach at WazirX highlights the ongoing challenges associated with cryptocurrency security. As investigations continue, the full scope of the attack and the identities of those involved remain to be seen.
