On July 17, 2024, WazirX, one of India’s leading cryptocurrency exchanges, experienced a significant security breach. Unauthorized withdrawals exceeding $230 million were reported, sparking concerns about the platform’s security protocols. Here’s a detailed overview of the incident:
Nature of the Breach
- Targeted Multisignature Wallet: The attackers compromised a Safe Multisig wallet, which requires multiple private keys for transaction authorization. This type of wallet is typically used to enhance security by requiring multiple approvals for transactions.
- Method: The hackers managed to compromise the private keys used to upgrade the wallet. They then transferred $234.9 million worth of stolen crypto assets to a new address labeled “0x04b2” and converted them into Ethereum.
- Use of TornadoCash: The stolen assets were funneled through TornadoCash, a decentralized protocol for private transactions on Ethereum, making it difficult to trace the funds and identify the culprits.
Impact
- Assets Stolen: The breach involved various digital assets, including PEPE, GALA, and USDT tokens, which were swiftly converted into ETH and other cryptocurrencies.
- Immediate Response: WazirX paused all INR and crypto withdrawals as a precautionary measure to safeguard user funds. The exchange has acknowledged the breach and is actively investigating the incident.
- Communication: WazirX posted on social media about the breach, confirming the security incident and informing users about the temporary suspension of withdrawals. They assured users that their team is working diligently to resolve the issue and enhance security measures.
Ongoing Efforts
- Investigation and Recovery: WazirX is collaborating with blockchain security firms like Cyvers Alerts, which initially reported the attack, to investigate the breach and attempt to recover the stolen funds.
- Preventive Measures: The exchange is taking steps to improve its security infrastructure to prevent future incidents. Users are advised to enable two-factor authentication and other security features to protect their accounts.
User Advisory
- Vigilance: Users are recommended to stay vigilant, monitor their accounts for suspicious activity, and ensure they have activated all available security features.
This breach highlights the vulnerabilities in the cryptocurrency sector and underscores the need for robust security measures to protect digital assets. WazirX’s efforts to mitigate the damage and enhance security will be crucial in regaining user trust and preventing similar incidents in the future.
