This morning, India’s largest exchange, WazirX, was hacked, resulting in the theft of assets worth over $234.9 million. This incident underscores the importance of not storing assets in exchange wallets and being meticulous when selecting a platform to work with.
Immediately after the hack, the wallet where the fraudsters transferred the assets was leaked online. This made it relatively easy to track their next steps. Below, we provide a link to the wallet and detail the stolen assets and the hackers’ subsequent actions.
WazirX Exchange Hack
Cyvers Alerts was the first to report the hack, having detected “multiple suspicious transactions” involving the Safe Multisig wallet on Ethereum.
🚨ALERT🚨Hey @WazirXIndia, Our system has detected multiple suspicious transactions involving your Safe Multisig wallet on the #ETH network.
A total of $234.9M of your funds have been moved to a new address. Each transaction's caller is funded by @TornadoCash.
The suspicious… pic.twitter.com/4sajAwd4Hb
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 18, 2024
According to the report, a total of $234.9 million in funds were transferred to a new address. Interestingly, the initiator of the transaction was funded by Tornado Cash.
ZachXBT, a well-known blockchain transaction researcher, provided a detailed analysis of the WazirX hack. Here are the highlights and an overview of his findings:
Seed Funding via Tornado Cash:
- On 10 July at 15:03 UTC, wallet ‘0xc68’ received 1 ETH from Tornado Cash.
- A corresponding deposit of 1 ETH was made to wallet ‘0x87c0’ 9 hours earlier.
Transaction Tracking:
- Tracing from wallet ‘0xc891’, it was funded with two transactions of 0.36 ETH and 0.66 ETH on 8 July.
- These transactions came from the exchange wallet ‘0xc2fdc2’ and another wallet ‘0xa626’.
End of Tracking:
- Tracking ends as the BTC appears to come from an unknown service, making further tracking difficult.
ZachXBT noted potential signs of a Lazarus Group attack and called on the WazirX team to be transparent in their actions. The Lazarus Group is a cybercrime organization linked to North Korea, known for sophisticated and large-scale cyber attacks globally.
📢 Update: We're aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding.…
— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 18, 2024
Currently, the Indian exchange has temporarily suspended the withdrawal of cryptocurrencies and Indian rupees on the platform.
Is the Hacker Selling Assets for ETH?
The attacker’s wallet, “0x04b2,” has come under scrutiny as it has begun dumping these assets on the market. Specifically, the wallet has already sold 640.27 billion PEPE tokens worth approximately $7.6 million.
After analyzing the wallet, here is a detailed list of assets stolen from WazirX:
- 5.43 trillion SHIB ($102 million)
- 15,298 ETH ($52.5 million)
- 20.5 million MATIC ($11.24 million)
- 640.27 billion PEPE ($7.6 million)
- 5.79 million USDT
- 135 million GALA ($3.5 million)
So far, the attacker has unloaded all of their PEPE, GALA, RNDR, COS, OGN, and REQ, among others, receiving 5,270 ETH ($18.14 million) in return. It appears they continue to sell assets for ETH.
Additional Hacker Wallets for Monitoring:
- 0x35febC10112302e0d69F35F42cCe85816f8745CA
- 0x90ca792206eD7Ee9bc9da0d0dF981FC5619F91Fd
Implications and Market Reaction
The scale of this asset movement is significant, raising questions about the security measures at WazirX and the potential market impact of such a large asset dump. The cryptocurrency community and investors are closely monitoring the situation and awaiting further updates from WazirX and other authorities involved in the investigation.
This article is brought to you by ArbitrageScanner, The Best Tools for Blockchain Analysis and Seamless Cryptocurrency Arbitrage
ArbitrageScanner is a powerful tool that enables you to identify and capitalize on arbitrage opportunities across CEX and DEX exchanges, spot and futures markets, and even futures and futures markets. It provides you with actionable spreads, indicating where to buy, where to sell, and the potential profit you can earn. Additionally, it offers comprehensive fund tracking capabilities, supporting over 40 exchanges, including DEXs.
Unlock Advanced Portfolio Analysis and Insights
Harness the power of ArbitrageScanner’s advanced portfolio analysis features, including bulk search, AI-driven analytics, and real-time transaction notifications. Leverage sophisticated search filters to identify top-performing portfolios, such as those generating over $100,000 per month.
Stay Ahead of the Curve with Exclusive News Alerts
Gain a competitive edge by subscribing to ArbitrageScanner’s exclusive news alerts. Receive breaking news and market insights before they hit the mainstream media, empowering you to make informed trading decisions ahead of the curve.
Discover the Full Potential of ArbitrageScanner
Explore the vast array of features and benefits that ArbitrageScanner has to offer and elevate your cryptocurrency trading experience.
Key Features:
- Cross-exchange arbitrage scanning: Identify arbitrage opportunities across CEX and DEX exchanges.
- Spot, futures, and futures+futures arbitrage: Capitalize on arbitrage opportunities in various market types.
- Actionable spreads: Receive clear instructions on where to buy, where to sell, and the potential profit.
- Comprehensive fund tracking: Track your funds across over 40 exchanges, including DEXs.
- Advanced portfolio analysis: Uncover top-performing portfolios and gain valuable insights.
- AI-driven analytics: Leverage AI-powered tools to make informed trading decisions.
- Real-time transaction notifications: Stay informed about all your transactions.
- Exclusive news alerts: Receive breaking news and market insights before they hit the mainstream media.
Experience the ArbitrageScanner Difference
Join the thousands of traders who rely on ArbitrageScanner to enhance their cryptocurrency trading strategies.
Conclusion
The WazirX hack serves as a stark reminder of the vulnerabilities in storing assets on exchange wallets. The swift actions and transparency from the cryptocurrency community, including researchers like ZachXBT, are crucial in tracking and potentially mitigating the impact of such breaches. As the investigation continues, it is imperative for exchanges to strengthen their security measures and for users to consider more secure methods of storing their assets.
The ongoing developments will be closely watched, with hopes for a resolution that minimizes the damage to the affected users and the broader cryptocurrency market.
Disclaimer: Some of the links on this page could be affiliate links, where I earn a commission if you make a purchase via my link.
Follow us on our social networks and keep up with everything that happens in the Metaverse!
