Reported by The Block: WazirX suffered an exploit resulting in the unauthorized transfer of over $230 million in crypto assets.
The exploit targeted the exchange’s multisig wallet, the exchange confirmed.
Cryptocurrency exchange WazirX has suffered a wallet exploit, resulting in the unauthorized transfer of over $230 million worth of crypto assets.
The exploit targeted the exchange’s multisig wallet on the Ethereum network potentially as a result of a private key comprise and drained the funds. To carry out the attack, the perpetrator needed to upgrade the implementation of this Safe Wallet to a malicious contract, security firm Blocksec explained.
The exchange has acknowledged the incident, adding that it's still investigating the outflows and has paused all withdrawals. "We're aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused," WazirX said.
The compromised funds were moved to an address that has actively begun converting stolen assets, such as PEPE, GALA, and USDT, into ether. Over $100 million in Shiba Inu was stolen by the hacker along with 15,290 ETH($52 million) and 20 million, MATIC tokens ($11 million), on-chain data shows.
"Looks there is a private key leakage in WazirX exchange. The leaked private keys are used to upgrade a safe multi-sig wallet, which holds a large number of assets, to a malicious contract. Then the malicious contract is used to drain most of the assets in the Safe Wallet," Yajin (Andy) Zhou, co-founder of Blocksec told The Block.
The compromised funds were moved to an address that has actively begun selling stolen assets into ether.
Over $100 million in Shiba Inu (SHIB) was stolen by the hacker along with 20 million MATIC tokens ($11 million), 640 billion PEPE tokens ($7.5 million), 5.7 million USDT, and 135 million GALA ($3.5 million), on-chain data shows.
- Last:
- Next: