Indian cryptocurrency exchange WazirX announced on the X platform that it has fallen victim to a sophisticated cyber attack, resulting in the theft of over $230 million from one of its multisig wallets.
The breach has sent shockwaves through the crypto community, raising significant concerns about the security of digital asset platforms.
Incident Overview
WazirX, known for its commitment to transparency and community welfare, disclosed that the cyber attack targeted a multisig wallet operated with the assistance of Liminal’s digital asset custody and wallet infrastructure.
The wallet, which had been in use since February 2023, was compromised, resulting in a substantial loss of funds.
The platform’s official statement highlighted the severity of the incident, emphasizing that the stolen funds amounted to more than $230 million. The affected wallet address has been publicly shared to ensure transparency and aid recovery efforts.
Wallet Configuration and Breach Mechanics
The compromised wallet was configured with six signatories: five from the WazirX team and one from Liminal. Authorizing a transaction required approval from three WazirX signatories, all of whom used Ledger Hardware Wallets for enhanced security, followed by a final approval from Liminal’s signatory.
Additionally, a whitelisting policy was in place to ensure that transactions could only be initiated to pre-approved addresses.
Despite these robust security measures, the cyber attackers exploited discrepancies between the data displayed on Liminal’s interface and the actual transaction contents.
Preliminary findings suggest that the payload was replaced during the attack, allowing the attackers to control the wallet and siphon off the funds.
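The gap described above, where signers approve what the interface shows while the payload says something else, is what an independent signer-side check is meant to catch. The following is an added example, not code from WazirX, Liminal or Safe: it decodes the raw transaction fields and compares them with the displayed intent and a whitelist. The dictionary field names, the helper functions and all addresses are assumptions constructed for illustration.

```python
ERC20_TRANSFER = "a9059cbb"   # selector of transfer(address,uint256)
OP_CALL = 0                   # Safe operation: 0 = call, 1 = delegatecall

# Constructed sample values, not addresses from the incident.
APPROVED = "0x" + "11" * 20
OTHER = "0x" + "22" * 20
TOKEN = "0x" + "aa" * 20
WHITELIST = {APPROVED}

def transfer_data(recipient, amount):
    """Build ERC-20 transfer calldata (used only to construct sample input)."""
    return "0x" + ERC20_TRANSFER + recipient[2:].rjust(64, "0") + format(amount, "064x")

def decode_payload(tx):
    """Decode what the raw transaction would do, ignoring any UI description."""
    data = tx["data"].lower()
    data = data[2:] if data.startswith("0x") else data
    if tx["operation"] != OP_CALL:
        return {"kind": "delegatecall"}
    if not data:
        return {"kind": "native", "recipient": tx["to"].lower(), "amount": tx["value"]}
    if data[:8] == ERC20_TRANSFER and len(data) == 136 and int(data[8:32], 16) == 0:
        return {"kind": "erc20", "recipient": "0x" + data[32:72],
                "amount": int(data[72:136], 16)}
    return {"kind": "unknown"}

def refusal_reasons(displayed, tx, whitelist=WHITELIST):
    """Return reasons not to sign; an empty list means display and payload agree."""
    actual = decode_payload(tx)
    if actual["kind"] not in ("native", "erc20"):
        return [f"payload is not a plain transfer ({actual['kind']})"]
    reasons = []
    if actual["recipient"] not in whitelist:
        reasons.append("recipient not whitelisted")
    for field in ("recipient", "amount"):
        if actual[field] != displayed[field]:
            reasons.append(f"{field} differs from display")
    return reasons

if __name__ == "__main__":
    shown = {"recipient": APPROVED, "amount": 1000}   # what the UI claims
    honest = {"to": TOKEN, "value": 0, "data": transfer_data(APPROVED, 1000), "operation": 0}
    swapped = dict(honest, data=transfer_data(OTHER, 1000))  # payload replaced
    print(refusal_reasons(shown, honest))
    print(refusal_reasons(shown, swapped))
```

The check is only useful when it runs on a device and code path separate from the interface that rendered the transaction, so that both cannot be altered together.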
Nature of the Cyber Attack and Response
The nature of the cyber attack indicates a highly sophisticated breach, where the attackers manipulated the data displayed on Liminal’s interface.
This discrepancy between the displayed information and the actual transaction content enabled the attackers to bypass the security measures in place.
WazirX has assured its users that it has implemented stringent security features, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy. However, the attackers appear to have found a way to breach these defenses.
In response to the attack, WazirX has taken immediate steps to mitigate the damage, including blocking a few deposits and contacting concerned wallets for recovery.
The platform has also engaged with top-tier resources and experts to assist in recovering the stolen funds. WazirX has pledged to leave no stone unturned in its efforts to locate and retrieve the assets, emphasizing that this is a force majeure event beyond its control.
The company has promised to update the community with further developments as the investigation progresses. In the wake of this unprecedented attack, WazirX has called for the support of its community.
The platform expressed gratitude for its users’ continued trust and solidarity, vowing to overcome this challenge and emerge stronger and more resilient.
WazirX’s commitment to transparency and community welfare remains unwavering. The platform has assured its users that it will continue to prioritize security and take all necessary measures to protect customer assets in the future.
The incident is a stark reminder of the ever-evolving threats in the digital asset space and the need for constant vigilance and innovation in security practices.
As the investigation unfolds, the crypto community will closely monitor WazirX’s efforts to recover the stolen funds and enhance its security protocols. The platform’s ability to navigate this crisis will be crucial in restoring confidence and trust among its users.