Major Security Breach: WazirX, India's Leading Crypto Exchange, Loses $230 Million in Hack

 Massive WazirX Hack: SHIB, WRX Prices Fall Sharply; Bitcoin and Tether Trade Cheap

WazirX, a prominent cryptocurrency exchange in India, announced a security breach in one of its multisig wallets on July 18. The company has temporarily halted Indian rupee (INR) and cryptocurrency withdrawals while investigating the incident.

“We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident,” WazirX wrote on social media platform X on Thursday morning, adding, “To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused.”

Blockchain investigator Zachxbt has been tracing the movements of over $230 million stolen in the WazirX breach. “I began tracing the $230M+ WazirX hack back from the original exploiter address and was able to make some interesting observations,” he shared in his analysis on X. The initial theft address conducted test transactions on July 10 using SHIB and received multiple deposits from Tornado Cash. The tracing revealed several linked transactions, leading to suspicions of a sophisticated and organized attack.

“The BTC appears to come from an unknown service making it difficult to trace. All I can say is the WazirX hack has the potential markings of a Lazarus Group attack (yet again),” Zachxbt concluded. “Hopefully the WazirX team will be transparent with their findings. I solved the Arkham bounty where I identified a KYC exchange deposit made by the WazirX hacker. Unfortunately, this is probably not super helpful as KYC-verified accounts can be easily purchased online for any exchange.”

Blockchain security researcher Mudit Gupta also provided his analysis of the WazirX hack. “The hackers started practicing the hack on-chain at least 8 days ago and finally executed it today,” he described, stating, “It’s a very methodical and organized attack, pointing towards DPRK as the hacker.”

“The attackers upgraded the multisig to a malicious version that allowed them to drain the multisig,” Gupta explained, adding, “The attackers likely compromised 2 out of 4 private keys directly and the remaining two were signature phished via a UI/Wallet compromise. My bet is on wallet compromise/custody provider compromise.”

WazirX's native token WRX slumped 15% in dollar terms. SHIB has lost 6% since the attacker drained $100 million worth of the token from the Indian exchange. Most coins, including market leaders Bitcoin and Tether, are trading at a significant discount on WazirX. Cryptocurrencies stolen in the malicious attack, as well as the platform's native token, are experiencing significant losses in their market values after the hack drained roughly 50% of the exchange's reserves.

WazirX's WRX token is trading 15% lower at just over 14 cents, according to Coingecko data. The rupee-denominated price has slumped more than 25% since the exchange confirmed the hack that saw the attacker walk away with $230 million in customer funds, including $100 million in Shiba Inu (SHIB). The attacker also drained $52 million in Ether (ETH), $11 million in MATIC, and $6 million in PEPE.

Since then, SHIB has lost over 6% in market value in U.S. dollar terms while trading 16% lower in rupee terms amid reports the hacker is liquidating the coins. Blockchain data suggests the attacker is offloading SHIB, putting downward pressure on its market value. Other tokens have held relatively steady in dollar terms while suffering significant losses in the exchange's INR pairs. Notably, the Bitcoin-rupee (BTC/INR) pair has declined by 11% to 5.1 million rupees ($60,945), trading at a massive discount to prices on rival exchange CoinDCX, where the cryptocurrency changed hands at 5.7 million rupees. BTC's global average dollar-denominated price traded 1% higher on the day at $61,800. The largest cryptocurrency by market value is priced around $64,900 according to CoinDesk Indices data.

Meanwhile, the USDT-INR pair (USDT) on WazirX has slipped by 8%. The discounts in BTC, USDT, and other cryptocurrencies on WazirX likely reflect panic selling by investors and the rush for fiat/cash in the wake of the hack.