Mumbai-based crypto exchange WazirX reported a security breach this morning, resulting in the theft of about $235 million in cryptocurrency and the collapse of one of its Ethereum wallets.
The issue came to light when Web3 security company Cyvers discovered $234.9 million in suspicious transactions from the exchange’s wallet to another address.
Reacting quickly, WazirX locked up his property and purse and secured it. “We know there was a security breach in one of our multisig wallets. Our team is actively investigating the matter,” the company announced on X. As a precaution, INR and crypto withdrawals have been temporarily suspended.
A multisig wallet, similar to a safe deposit box that requires multiple keys, requires two or more signatures to perform a transaction, providing additional security, but with the specifics of when the breach occurred remain unclear.
Blockchain security firm Elliptic linked the attack to a North Korean hacking group. The stolen assets included $96.7 million in Shiba Inu, $52.6 million in Meme coins, $52.6 million in Ethereum, $11 million in Matic and $7.6 million in Pepe. This theft represents almost half of VazirX’s $500 million in reserve holdings, according to their June 2024 Proof of Reserves report.
Etherscan data shows that hackers began moving assets through UniSwap, a decentralized exchange.
With over 16 million users, WazirX is the first crypto exchange in India, licensed by local regulators. In the last 24 hours, exchanges traded $5.29 million, with 256 listings. It is important for WazirX users to stay updated and stay vigilant as investigation continues.
