- India’s WazirX crypto exchange has recently been hit by a major multisig wallet hack, creating substantial concerns within the crypto community.
- Approximately $235 million worth of various crypto assets, including notable tokens like SHIB and PEPE, were affected by this breach.
- One striking incident within this breach included an unauthorized transaction of over 5 trillion SHIB tokens, underscoring the scale of the issue.
India’s WazirX crypto exchange compromised: $235 million in crypto assets stolen in a major hack. Users and regulators demand answers to ensure security and trust.
Massive Breach at WazirX Crypto Exchange
In a startling revelation, Indian crypto exchange WazirX has disclosed a significant security breach involving their multisig wallet. The hack has led to the abnormal transfer of crypto assets valued at over $230 million, with impacted tokens including prominent names such as Shiba Inu (SHIB), Pepe Coin (PEPE), Ethereum (ETH), and Polygon (MATIC).
WazirX Pauses Withdrawals Amid Security Investigation
The breach was particularly severe, prompting WazirX to pause all INR and crypto withdrawals to protect user assets. According to a statement from WazirX, funds were moved from a multisignature wallet to an unidentified address, marked as “0x04b2” by blockchain tracking platform Lookonchain. The exchange has reassured users that the situation is being closely monitored and further updates will be provided as the investigation progresses.
Details of the Wallet Breach
The compromised wallet has been actively offloading stolen assets, exacerbating user concerns. To date, the wallet has transferred 640.27 billion PEPE tokens worth approximately $7.6 million. Large amounts of other cryptocurrencies have also been affected, with 20.5 million MATIC tokens valued at $11.2 million and an astounding 5.4 trillion SHIB tokens worth $102.1 million being moved. Additionally, 15,298 ETH, roughly translating to $52.5 million, were compromised during this breach.
Hacker Utilizes Tornado Cash for Obfuscation
On July 18, 2024, Cyvers Alert detected a series of suspicious transactions involving WazirX’s multisig wallet on the Ethereum blockchain, amounting to around $234.9 million. These transactions were linked to Tornado Cash, a decentralized protocol often used for private transactions, complicating the tracing process. The hacker exchanged significant amounts of these stolen funds into Ethereum, using notable tokens like Tether (USDT), Pepe Coin, and Gala (GALA) as intermediaries.
Diversified Portfolio and Future Moves
Further scrutiny revealed that the new wallet address now holds a diversified portfolio, including $4.7 million in Floki (FLOKI), $3.2 million in Fantom (FTM), $2.8 million in Chainlink (LINK), and $2.3 million in Fetch.ai (FET). The use of Tornado Cash as a transaction anonymizer highlights the broader challenges faced by decentralized finance (DeFi) ecosystems in tracking and regulating illicit financial activities. This incident has sparked a renewed call for enhanced regulatory measures to safeguard user assets and prevent similar breaches in the future.
Conclusion
The WazirX multisig wallet hack has exposed significant vulnerabilities within crypto exchanges and highlighted the pressing need for robust security measures. As the investigation continues, users hope for swift action and enhanced safeguards to restore trust in the platform. Moving forward, it is imperative for exchanges to adopt stringent security protocols and for regulators to enforce comprehensive oversight to mitigate such risks.
