On July 18, WazirX, India’s largest cryptocurrency exchange, confirmed a security breach that prompted the temporary halt of INR and crypto withdrawals, following an alleged theft of digital assets valued at $230 million.
“This is a force majeure event beyond our control, but we are taking every possible measure to locate and recover the funds. Several deposits have already been blocked, and we are collaborating with relevant wallets for recovery. We have engaged top resources to assist in this effort,” stated WazirX.
According to Moneycontrol, citing blockchain analytics tool Lookonchain, the stolen assets included $102 million of Shiba Inu, $52.5 million in Ethereum, $11.24 million in Matic, $7.6 million in Pepe coin, $135 million in Tether, and $3.5 million in Gala.
WazirX disclosed that the cyber attack targeted one of its multisig wallets, operated in partnership with Liminal’s digital asset custody and wallet infrastructure since February 2023.
Liminal, a provider of wallet infrastructure and digital asset custody solutions, managed the multisig wallet with six signatories—five from WazirX and one from Liminal. “Transactions required approval from three WazirX signatories (all using Ledger Hardware Wallets for security), followed by final approval from Liminal,” explained the exchange. Additionally, a policy was in place to whitelist destination addresses for added security.
These whitelisted addresses, managed on Liminal’s interface, allowed the WazirX team to initiate transactions to designated addresses. However, during the cyber attack, discrepancies between the data displayed on Liminal’s interface and the actual transaction contents were exploited.
“We suspect the payload was altered to transfer wallet control to an attacker,” noted WazirX, detailing the nature of the cyber intrusion.
The Reserve Bank of India (RBI) has been cautioning investors about crypto risks saying these instruments lack underlying assets.