The post Who’s Behind the WazirX Hack? The Mastermind Revealed appeared first on Coinpedia Fintech News

One of the worst hacks in the history of the crypto industry happened this morning in India: the WazirX exchange has been hacked, and more than 230 million USD (approximately 2,000 crore INR) was stolen. The breach, which targeted the exchange’s Safe Multisig wallet on the Ethereum network, was as sophisticated as any professional criminal attack.

The highly professional approach to the hack further fueled speculations about the involvement of Lazarus Group – a North Korean cybercrime cartel known for its activities in the crypto sphere. 

Methodical attack execution 

At least eight days before the attack, the hackers rehearsed it on-chain, which shows that the criminals were well prepared. They carried out the hack by replacing the genuine multi-sig wallet with a fake one, which made draining the funds straightforward.

Mudit Gupta, CISO at Polygon Labs, reckons that the cybercriminals obtained two of the four private keys outright and the other two through signature phishing, a swindle in which the wallet user is tricked into signing transactions that are not what they appear to be.

Lazarus group’s involvement 

It is widely believed that the Lazarus Group, a North Korean cybercrime organization, is behind this attack. Regarded as highly technical and known for a distinctive large-scale modus operandi, the group has been associated with multiple breaches in the past.

In the WazirX case, the signature phishing and the modern tactic of upgrading the multi-sig contract are specific features consistent with the Lazarus Group’s known activity, a conclusion also reached by on-chain investigator ZachXBT. They have emphasised the growing threat that state-sponsored actors pose to the crypto industry.

The FBI has confirmed the Lazarus Group’s involvement in the Harmony Bridge attack, in which about 100 million was drained by exploiting protocol vulnerabilities. Lazarus is also held responsible for the $625 million hack of the Ronin bridge, which makes plain the group’s capability and its relentless focus on the crypto business.

The size of the operation of the Lazarus Group 

The Lazarus Group is considered one of the most notorious large-scale cyber-heist groups, with its activities linked to funding North Korea’s nuclear missile and weapons programmes. In 2022 the group cashed out more than $60 million of Ether through the identity-hiding protocol RAILGUN and, like other actors, has used tumblers such as Tornado Cash and Sinbad, both since sanctioned by the authorities, to hide its profits.
