The WazirX breach happened on July 18, not earlier; claims of a breach eight days prior are incorrect.
Attackers upgraded WazirX’s multi-sig wallet to a malicious version, draining over $230M USD.
Phishing likely occurred via compromised wallets or custody systems, not a UI breach.
Confusion and misinformation initially surrounded the WazirX hack, but it is now confirmed that hackers stole over $230 million from the cryptocurrency exchange on July 18th by compromising the platform’s multi-signature wallet.
Contrary to early reports, this was not an extended breach but a well-planned attack, raising alarms about the vulnerability of digital assets to increasingly sophisticated cyberattacks.
WazirX hacked for over $230m USD (2,000 cr INR). Their safe multisig was compromised and drained. The hackers started practicing the hack onchain at least 8 days ago and finally executed it today. It's a very methodical and organized attack, pointing towards DPRK as the hacker. pic.twitter.com/HziVY7dCoq
— Mudit Gupta (@Mudit__Gupta) July 18, 2024
The incident involved the compromise of WazirX’s multi-signature wallet, secured by four signers from two companies. Attackers exploited vulnerabilities by upgrading the wallet to a malicious version, enabling them to drain over $230 million.
Speculation that the breach happened eight days prior was in fact false. Hackers had practiced their attack on non-WazirX contracts even before targeting the actual wallet. Therefore, any claims suggesting an extended period of breach were unfounded. The real attack happened July 18, as confirmed by WazirX CEO, Nischal Shetty.
Thanks @Mudit__Gupta for helping spread the right information around the incident 🙏 There has been misinformation being spread that wallets were hacked 8 days before the July 18 attack. I would like to clarify that the breach happened on July 18 and there was no breach of… https://t.co/lNV2djoDmU
— Nischal (Shardeum) 🔼 (@NischalShetty) July 25, 2024
The methodical attack suggests a highly organized group, possibly linked to North Korea. The hackers did not immediately drain funds but instead practiced their approach, indicating a strategic methodology. This was crucial, as they needed to compromise two of four private keys and use phishing for the rest.
Phishing likely succeeded through a compromised wallet or a breach of custody providers’ systems. The attackers obtained signatures by deceiving two of the four signers, tricking them into authorizing what appeared to be routine transactions. With these signatures, they upgraded the wallet to a malicious contract, enabling them to move funds.
Current theories suggest a breach of WazirX laptops is more plausible than a compromise of the custody UI. That is because the UI typically does not handle payload generation or validation, which are backend processes. Both WazirX and Liminal Custody have been actively analyzing the breach, even seeking external expertise.