/entrackr/media/agency_attachments/2024/10/18/XDGqYgwk8PhvKwQWyFWY.png)
/entrackr/media/media_files/2024/10/21/Yrt2TyvLFW5vUgdBO2YK.jpg)
/entrackr/media/member_avatars/2024/10/21/2024-10-21t084418826z-kulbhushan-circle-png-768x768.png )
Follow Us/entrackr/media/post_attachments/wp-content/uploads/2024/07/WazirX-cyber-attack-.jpg)
WazirX on late Thursday confirmed that the cryptocurrency exchange suffered a cyber attack in one of its multisig wallets leading to a loss of funds exceeding $230 million.
According to the company’s preliminary investigation, the wallet was operated utilizing the services of Liminal’s digital asset custody and wallet infrastructure from February 2023.
WazirX added that the cyber attackers exploited the discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents.
“During the cyber attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. We suspect the payload was replaced to transfer wallet control to an attacker,” the company explained in a blog post.
The crypto exchange assured that it was making all out efforts to locate and recover the funds. It disclosed that the company has succeeded in blocking a few deposits and reached out concerned wallets for recovery.
Separately, Liminal Custody said that its platform was not breached. It added that the company was aiding WazirX in its inquiry into the cyber breach.
It also highlighted that all the malicious transactions to the attacker’s addresses have occurred from outside of the Liminal platform.
“Our preliminary investigations show that one of the self-custody multi-sig smart contract wallets created outside of the Liminal ecosystem has been compromised. We can confirm that Liminal’s platform is not breached and Liminal’s infrastructure, wallets and assets continue to remain safe,” said the company in a statement.
It also assured that all WazirX wallets created on the Liminal platform continue to remain secure and protected.
According to Elliptic, North Korea-based hackers are likely behind the security breach. The website further breaks down the withdrawal as - $96.7 million for Shibu Inu, $52.6 million for Ether, $11 million for Matic, and $7.6 million for Pepe.
The loss of funds worth over $200 million is among the biggest crypto heists of all time. Back in March 2022, hackers targeted the Ronnin network to steal cryptocurrencies worth $625 million. This heist is widely believed to be orchestrated by North Korean hackers, in this case, Lazarus Group.
/entrackr/media/media_files/2024/10/18/zG8sbRMt5HG04yMhLVd2.webp)