Indian Crypto Exchange Wazirx Falls Victim to a North Korea-Linked ₹1900 Crore Hack

QUICK BITE

• One of the multisig wallets of WazirX suffered a security breach, leading the company to temporarily pause INR and crypto withdrawals.
• As a result of the hack, around $234.9M (which is over ₹1900 crore) in crypto assets were lost, which make up more than 45% of the exchange’s $500 million in assets.

The biggest Indian crypto exchange, WazirX today announced on X (formerly Twitter) that it has suffered a severe hack. According to the company, one of its multisig wallets has experienced a security breach, leading the company to temporarily pause INR and crypto withdrawals.

Web3 cyber security firm, Cyvers posted on X, saying its system has detected multiple suspicious transactions involving WazirX’s Safe Multisig wallet on Ethereum. It has also stated that a total of $234.9M (which is over ₹1900 crore) of WazirX’s funds have been moved to a new address. Each transaction’s caller is funded by Tornado Cash. 

Not to mention, the stolen funds make up more than 45% of the exchange’s $500 million in assets, as WazirX revealed in its June report. 

Blockchain analytics firm, Arkham Intelligence launched a “New Intel Exchange Bounty” for the WazirX hack.  Crypto investigator, ZachXBT submitted definitive evidence of a KYC-linked deposit address used by the exploiter to receive funds from the WazirX exploit.

Data from Lookonchain reveals that over $100 million in Shiba Inu (SHIB) tokens were withdrawn, making it the largest amount lost. This was followed by $52 million in Ether (ETH), $11 million in Matic (MATIC), and $6 million in Pepe (PEPE). 

Additionally, transactional data shows the exploiter is actively selling the stolen assets on the Uniswap exchange but has not yet sold their ETH holdings. They also hold over $4.2 million in Floki (FLOKI) tokens.

Moreover, what’s interesting is that Elliptic, a firm that is focused on blockchain analytics for financial crime compliance, stated in their blog that on-chain analysis and other information indicate that this hack was perpetrated by hackers affiliated with North Korea.

CIM Editorial

CIM Editorial is the official voice of Crypto India Magazine. We bring you the latest news, analysis, and insights on Web3 and AI in India and beyond.