Indian cryptocurrency exchange WazirX has reportedly fallen victim to a significant hack. According to security platform Cyvers, multiple suspicious transactions were identified involving WazirX’s multi-sig wallet on the Ethereum network.
The transactions indicated that $234.9 million in funds from the Safe Multisig wallet were moved to a new address. Each transaction’s caller was funded by Tornado Cash, a decentralized protocol known for private transactions.
One of the Biggest Hacks of 2024
Further investigation revealed that the new address had already swapped the stolen funds, including Tether (USDT), Pepe, and Gala (GALA), into Ether. This development increases red flags, suggesting an attempt to launder the belongings via numerous cryptocurrencies.
In a Telegram post on the “Investigations through ZachXBT” channel, crypto sleuth ZachXBT announced that the suspected primary attacker address still holds over $104 million worth of assets.
Upon reviewing the address holdings, it was found that the wallet comprised approximately $100 million in Shiba Inu, $52 million in Ether, and $11 million in Polygon. In reaction to the breach, WazirX has paused both fiat and crypto withdrawals to guard users’ assets. This incident marks the second-largest crypto hack of 2024, following the DMM Bitcoin security breach in May.
WazirX’s Steps Towards Damage Control
WazirX has acknowledged the breach, mentioning, “We are aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We will keep you posted with further updates.”