Indian crypto exchange WazirX has experienced a significant security breach. The WazirX multisig wallet hack has resulted in the abnormal transfer of assets worth more than $230 million. Moreover, the assets affected include, Shiba Inu (SHIB), Pepe Coin (PEPE), Ethereum (ETH), and Polygon (MATIC).

WazirX Pauses Withdrawals Amid Wallet Hack

According to WazirX, the breach involved the unauthorized transfer of funds from one of their multisignature wallets. The transfers were made to an unknown wallet labeled “0x04b2,” as per reports from Lookonchain, a blockchain tracking platform. Hence, in an official statement posted on X, WazirX addressed the incident.

The crypto exchange wrote, “Update: We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We’ll keep you posted with further updates.”

The compromised wallet has since been actively dumping the stolen assets. Notably, the wallet has offloaded 640.27 billion PEPE tokens, valued at approximately $7.6 million. In addition to the PEPE tokens, the breached wallet has transferred substantial amounts of other cryptocurrencies.

This includes 20.5 million MATIC tokens worth $11.2 million. Moreover, staggering 5.4 trillion SHIB tokens valued at $102.1 million were shifted amid the WazirX wallet hack. Moreover, 15,298 ETH, equivalent to $52.5 million was also compromised. These transfers have raised significant concerns for the exchange’s users as they worried about the safety of their funds. Nonetheless, WazirX has assured user funds safety.

Hacker Uses Tornado Cash For Transfers

On July 18, 2024, Cyvers Alert reported detecting multiple suspicious transactions involving WazirX’s Safe Multisig wallet on the Ethereum blockchain. These transactions totaled approximately $234.9 million and were flagged due to their association with Tornado Cash, a decentralized protocol for private transactions.

Each transaction’s caller was funded by Tornado Cash, which complicates the tracing of funds and the identification of involved parties. Following, the transfers, the new address swiftly exchanged significant portions of these funds into Ethereum, with notable swaps including Tether (USDT), Pepe Coin, and Gala (GALA).

In addition, further analysis revealed a diverse portfolio of digital assets held by the new address. These include $4.7 million in Floki (FLOKI), $3.2 million in Fantom (FTM), $2.8 million in Chainlink (LINK), and $2.3 million in Fetch.ai (FET), among others. Moreover, as the stolen funds from WazirX wallet hack were swapped in Ethereum, the hacker is likely to use Tornado Cash for shifting the entire exploited amount.

The use of Tornado Cash highlights challenges in tracking the origins and destinations of funds within decentralized finance (DeFi) ecosystems. Such transactions raise concerns about money laundering, illicit activities, and the need for enhanced regulatory oversight.

#BinanceTurns7 #SOFR_Spike #Write2Earn! #HackerAlert #BinanceTournament