2024 WazirX hack

Last updated
2024 WazirX hack
DateJuly 18, 2024
Type Cyberattack
Suspects Lazarus Group

India-based WazirX , a cryptocurrency exchange was hacked in early days of July 2024, leading to the loss of approximately $234.9 million (around Rs 2000 crore) in investor funds. [1] [2] The exchange ceased to operate on 18 July 2024. [3]

Contents

Hack

On 18 July 2024, $234.9 million worth of crypto assets have been taken out of the exchange and sent to a new address by North Korean hackers belonging to Lazarus Group. [4] [5]

Modus operandi

WazirX's multisig wallet, controlled by five WazirX and one Liminal signature, required three WazirX and one Liminal signature to initiate transactions. Hackers created a fake WazirX account, deposited tokens, and began purchasing Gala (GALA) tokens. After draining the hot wallet, they accessed the cold wallet. When WazirX signatories accessed the multisig wallet, the hackers altered the smart contract controlling it. Once modified in their favor, the attackers gained full control, no longer needing WazirX's keys, and drained all the funds. [6] Before the attack, the crypto exchange stated in its June 2024 proof-of-reserves disclosure that it had about $500 million in digital assets. [7]

On 18 July 2024, the exchange suspended crypto trading. [8] [9]

Litigations

Related Research Articles

A cryptocurrency exchange, or a digital currency exchange (DCE), is a business that allows customers to trade cryptocurrencies or digital currencies for other assets, such as conventional fiat money or other digital currencies. Exchanges may accept credit card payments, wire transfers or other forms of payment in exchange for digital currencies or cryptocurrencies. A cryptocurrency exchange can be a market maker that typically takes the bid–ask spreads as a transaction commission for its service or, as a matching platform, simply charges fees.

<span class="mw-page-title-main">Cryptocurrency</span> Digital currency not reliant on a central authority

A cryptocurrency, crypto-currency, or crypto is a digital currency designed to work through a computer network that is not reliant on any central authority, such as a government or bank, to uphold or maintain it.

Coinbase Global, Inc., branded Coinbase, is an American publicly traded company that operates a cryptocurrency exchange platform. Coinbase is a distributed company; all employees operate via remote work. It is the largest cryptocurrency exchange in the United States in terms of trading volume. The company was founded in 2012 by Brian Armstrong and Fred Ehrsam. In May 2020, Coinbase announced it would shut its San Francisco, California, headquarters and change operations to remote-first, part of a wave of several major tech companies closing headquarters in San Francisco in the wake of the COVID-19 pandemic.

Kraken is a United States–based cryptocurrency exchange, founded in 2011. It was one of the first bitcoin exchanges to be listed on Bloomberg Terminal and was valued at US$3 billion in January 2024. The company has been the subject of several regulatory investigations since 2018, and has agreed to cumulative fines of over $30 million.

<span class="mw-page-title-main">Digital Currency Group</span> American venture capital company

Digital Currency Group Inc. (DCG) is a venture capital company focusing on the digital currency market. It is located in Stamford, Connecticut. The company has the subsidiaries Foundry, Genesis, Grayscale Investments, and Luno. It also formerly owned CoinDesk.

Bitfinex is a cryptocurrency exchange owned and operated by iFinex Inc, and is registered in the British Virgin Islands. Bitfinex was founded in 2012. It was originally a peer-to-peer Bitcoin exchange, and later added support for other cryptocurrencies.

<span class="mw-page-title-main">Bitconnect</span> 2016–2018 fraudulent cryptocurrency

Bitconnect was an open-source cryptocurrency in 2016–2018 that was connected with a high-yield investment program, a type of Ponzi scheme. After the platform administrators closed the earning platform on January 16, 2018, and refunded the users' investments in BCC following a 92% coin value crash, confidence was lost and the value of the coin plummeted to below $1 from a previous high of nearly $525.

A cryptocurrency wallet is a device, physical medium, program or an online service which stores the public and/or private keys for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often offers the functionality of encrypting and/or signing information. Signing can for example result in executing a smart contract, a cryptocurrency transaction, identification, or legally signing a 'document'.

Binance Holdings Ltd., branded Binance, is a global company that operates the largest cryptocurrency exchange in terms of daily trading volume of cryptocurrencies. Binance was founded in 2017 by Changpeng Zhao, a developer who had previously created high-frequency trading software. Binance was initially based in China, then moved to Japan shortly before the Chinese government restricted cryptocurrency companies. Binance subsequently left Japan for Malta and currently has no official company headquarters.

Cryptocurrency and crime describe notable examples of cybercrime related to theft of cryptocurrencies and some methods or security vulnerabilities commonly exploited. Cryptojacking is a form of cybercrime specific to cryptocurrencies used on websites to hijack a victim's resources and use them for hashing and mining cryptocurrency.

<span class="mw-page-title-main">Tron (blockchain)</span> Blockchain computing platform

Tron is a decentralized, proof-of-stake blockchain with smart contract functionality. The cryptocurrency native to the blockchain is known as Tronix (TRX). It was founded in March 2014 by Justin Sun and since 2017 has been overseen and supervised by the TRON Foundation, a non-profit organization in Singapore, established in the same year. It is open-source software.

Decentralized finance provides financial instruments and services through smart contracts on a programmable, permissionless blockchain. This approach reduces the need for intermediaries such as brokerages, exchanges, or banks. DeFi platforms enable users to lend or borrow funds, speculate on asset price movements using derivatives, trade cryptocurrencies, insure against risks, and earn interest in savings-like accounts. The DeFi ecosystem is built on a layered architecture and highly composable building blocks. While some applications offer high interest rates, they carry high risks. Coding errors and hacks are a common challenge in DeFi.

<span class="mw-page-title-main">SafeMoon</span> Defunct cryptocurrency technology company and token

SafeMoon LLC was an American cryptocurrency and blockchain company created in March 2021. The company created the SafeMoon token (SFM) which traded on the BNB Chain blockchain. The token charged a 10% fee on transactions, with 5% redistributed to token holders and 5% directed to wallets in a different currency, Binance Coin (BNB), controlled by the coin's authors. The token reached its all time high market cap in April 2021 of $17b.

<span class="mw-page-title-main">Solana (blockchain platform)</span> Public blockchain platform

Solana is a blockchain platform which uses a proof-of-stake mechanism to provide smart contract functionality. Its native cryptocurrency is SOL.

Crypto.com is a cryptocurrency exchange company based in Singapore that offers various financial services, including an app, exchange, and noncustodial DeFi wallet, NFT marketplace, and direct payment service in cryptocurrency. As of June 2023, the company reportedly had 100 million customers and 4,000 employees.

<span class="mw-page-title-main">Celsius Network</span> American cryptocurrency company

Celsius Network LLC was a cryptocurrency company. Headquartered in Hoboken, New Jersey, Celsius maintained offices in four countries and operated globally. Users could deposit a range of cryptocurrency digital assets, including Bitcoin and Ethereum, into a Celsius wallet to earn a percentage yield, and could take out loans by pledging their cryptocurrencies as security. As of May 2022, the company had lent out $8 billion to clients and had almost $12 billion in assets under management.

The Bitfinex cryptocurrency exchange was hacked in August 2016. 119,756 bitcoin, worth about US$72 million at the time, was stolen.

Kucoin is a Seychelles-based cryptocurrency exchange. It was founded in China in 2017, but was later moved to Singapore following the Chinese government's restrictions on cryptocurrency companies, and subsequently to the Seychelles.

Arkham Intelligence is a public data application that enables users to analyze blockchain and cryptocurrency activity. Founded by Miguel Morel in 2020, the company's platform utilizes AI to identify and catalog the owners of blockchain addresses. Its partners include various cryptocurrency and blockchain companies.

<span class="mw-page-title-main">Coinswitch</span>

Coinswitch is an Indian cryptocurrency exchange and trading platform headquartered in Bangalore, Karnataka. Founded in 2017, the platform enables users to trade Virtual Digital Assets (VDAs) with Indian Rupees. In October 2021, Coinswitch secured $260 million in Series C funding, valuing the company at $1.9 billion.

References

  1. "What went wrong with WazirX? India's biggest crypto hack". 2 August 2024.
  2. Venugopal, Sahana (3 September 2024). "WazirX Cyberattack: What is WazirX's legal status after a $230 million wallet hack?". The Hindu.
  3. "WazirX cryptocurrency exchange halts withdrawals after security breach". The Indian Express. 2024-07-18. Retrieved 2024-07-31.
  4. Shukla, Siddharth (2024-07-18). "WazirX Pauses Crypto, Rupee Withdrawals After Wallet Breach". Bloomberg.com. Retrieved 2024-07-31.
  5. Anand, Vijay (2024-07-29). "North Korean Lazarus Group linked to $235 million WazirX crypto breach - CNBC TV18". CNBCTV18. Retrieved 2024-07-31.
  6. Anupam, Suprita (2024-09-25). "The End Of WazirX: The $234 Mn Heist, Nischal Shetty Under Fire And The Blame Game". Inc42 Media. Retrieved 2024-09-26.
  7. "WazirX crypto exchange hack: how much of the assets was lost, CEO Nischal Shetty's announcement, and what happens next". The Hindu. 2024-07-29. ISSN   0971-751X . Retrieved 2024-07-31.
  8. Singh, Manish (2024-07-21). "WazirX halts trading after $230 million 'force majeure' loss". TechCrunch. Retrieved 2024-08-31.
  9. Sharma, Manoj (2024-07-10). "WazirX halts trading, announces $23 mn bounty after hackers steal $234 mn. Key updates". www.fortuneindia.com. Retrieved 2024-08-31.
  10. Singh, Manish (2024-08-28). "CoinSwitch sues WazirX to recover trapped funds". TechCrunch. Retrieved 2024-08-31.
  11. "India's Crypto app CoinSwitch sues WazirX: We are now taking steps, including ..." The Times of India. 2024-08-29. ISSN   0971-8257 . Retrieved 2024-08-31.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.