India’s leading crypto exchange WazirX suffered a security breach in one of its multisig wallets, losing over $230 million [2000 cr INR] in the onslaught. The exchange’s team is currently investigating the incident and has assured users that their funds are safe. However, INR and crypto withdrawals will be temporarily paused.
Among the assets stolen are 5.43 trillion SHIB [$102 million], 15,298 ETH [$52.5 million], 20.5 million MATIC [$11.24 million], 640.27 billion PEPE [$7.6 million], 5.79 million USDT, and 135 million GALA [$3.5 million].
While further details are awaited, on-chain sleuth ZachXBT has submitted evidence of a KYC-linked deposit address used by the exploiter to receive funds from the WazirX exploit. The hackers orchestrated a methodical and organized attack that lasted a total of 8 days.
Security experts have pointed the finger at North Korea’s infamous Lazarus group as the hacker. On July 10th, ZachXBT found that the hacker’s address was involved in test transactions and was funded with Ethereum [ETH] through multiple smaller transactions. The attacker then used the crypto mixer Tornado Cash to hide the transaction trail.
The investigator discovered six transactions in which the attacker received 0.1 ETH via Tornado Cash. Despite the attacker’s attempt to obfuscate the flow of funds, ZachXBT then managed to match the transactions coming out of Tornado Cash to the deposits going in. This means he could trace where the money was coming from despite the mixing attempt.
Rumors Of WazirX Hacker Contacting Vitalik Buterin
Following the chain of transactions, he found that multiple addresses were connected to one another. Some addresses use multi-signature wallets, which require several approvals for a transaction. This enabled him to find the final link where some of the funds were sent back to the exchange, proving that the hacker used a KYC-verified account at some point.
While the development is troubling for the struggling Indian crypto ecosystem, several screenshots of transaction trails have surfaced showing the alleged WazirX exploiter making statements like “I hacked WazirX tokens” to none other than Vitalik Buterin. Some users claim that this is not a theft but a statement, hoping that a deal works out between both parties.