Cybersecurity firm Cyvers Alert recently revealed a major security breach at the Indian cryptocurrency exchange WazirX. According to Cyvers, the exchange was exploited for approximately $235 million through suspicious transactions involving WazirX’s Safe Multisig wallet on the Ethereum network. The firm detected that a total of $234.9 million was transferred to a new address, with each transaction funded by Tornado Cash.
Stolen Assets
Blockchain analyst Lookonchain identified the stolen assets, which spanned several cryptocurrencies: 5.43 trillion SHIB tokens valued at $102 million, 15,298 ETH worth $52.5 million, 20.5 million MATIC with a value of $11.24 million, 640.27 billion PEPE worth $7.6 million, 5.79 million USDT, and 135 million GALA valued at $3.5 million. The attacker was reportedly selling and converting these assets to ETH.
Following the security breach, WazirX issued a statement confirming the incident and assuring users that their team was actively investigating the matter. To safeguard the assets of their customers, the exchange temporarily suspended INR and cryptocurrency withdrawals.
Speculations and Allegations
Amidst the chaos, speculation arose regarding the possible involvement of the North Korea-backed hacker group Lazarus in the cyberattack. Cyvers Alert’s CEO, Deddy Lavid, suggested that the use of Tornado Cash to fund the transactions resembled methods used in previous high-profile attacks. While it is premature to definitively link the incident to Lazarus Group, the similarities raised concerns within the cybersecurity community.
As one of the prominent cryptocurrency trading platforms in India, WazirX has faced scrutiny in the past. The exchange was previously embroiled in a public dispute over its ownership structure, with conflicting claims from founder Nischal Shetty and Binance’s former CEO, Changpeng Zhao. Despite these controversies, WazirX has remained a significant player in the Indian crypto market.
Lazarus Group has gained notoriety as one of the most prolific hacking collectives targeting the cryptocurrency industry in recent years. Their involvement in cybercrimes has instilled fear and caution among crypto exchanges and investors alike, underscoring the importance of robust cybersecurity measures to combat such threats.