Hackers exploit the WazirX wallet, steal $200 million, and convert to Ether.
In a major hack, Indian cryptocurrency exchange WazirX was attacked on July 18, and more than $200 million in assets were stolen.
According to on-chain tracker SpotOnChain, the funds are being converted to Ether (ETH). At the last update, the attacker's blacklisted wallet held 59,097 ETH.
15,298 ETH were taken directly from the WazirX multisig wallet. The stolen crypto assets included SHIB worth $102 million, MATIC worth $11.25 million, PEPE worth $7.6 million, USDT worth $7.79 million, and GALA amounting to $3.5 million. Most of these assets have since been swapped for ETH, with just over $11 million remaining in altcoins such as Chromia, Celer Network, Frontier, and Ooki tokens.
Hacker swaps tokens for Liquid Ether to evade tracking
Blockchain analytics firm Lookonchain observed that the hacker had transferred 7,700,000 DENT tokens to a Binance address, adding that this wallet had never been used before. The movement of the funds raised some eyebrows, and further investigation is needed to establish how the hacker operated and the possible motive.
Lakov Levin, co-founder of Rivo, suggested that the hacker’s decision to swap the stolen ERC-20 tokens for ETH was due to its high liquidity.
“You can’t do an ETH block like you do with stablecoins,” Levin explained. ERC-20 tokens can include a contract function that allows an owner to blacklist addresses, cutting them off from trading. ETH has no such capability because it is written into the core Ethereum protocol, and core Ethereum doesn’t allow for any changes to address permissions.
Akhsay Nassa of Chimp DEX echoed the view that the hacker had most likely targeted ETH to prevent authorities from freezing these funds. “With a large market that is very active, ETH enables quick and fair trades. Again, it has many cross-chain bridges and exchanges that make movement between blockchains easy, hence obscuring the trail more,” he added.
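The issuer-controlled blacklist described above, sketched as an added Solidity example (not code from this article, WazirX, or any real token; the contract and function names are hypothetical). It models only the direct transfer path of an ERC-20-style token to show where the freeze check sits.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical token for illustration only. Because every token movement is a
/// call into this contract, the issuer can enforce a per-address check.
/// Native ETH transfers are balance updates made by the protocol itself, with
/// no issuer contract in the path, so there is no equivalent hook.
contract FreezableToken {
    address public immutable owner;
    mapping(address => uint256) public balanceOf;
    mapping(address => bool) public isBlacklisted;

    event Transfer(address indexed from, address indexed to, uint256 value);
    event Blacklisted(address indexed account, bool status);

    error NotOwner();
    error AccountBlacklisted(address account);
    error InsufficientBalance();

    constructor(uint256 supply) {
        owner = msg.sender;
        balanceOf[msg.sender] = supply;
        emit Transfer(address(0), msg.sender, supply);
    }

    /// Issuer-only switch that freezes or unfreezes an address.
    function setBlacklisted(address account, bool status) external {
        if (msg.sender != owner) revert NotOwner();
        isBlacklisted[account] = status;
        emit Blacklisted(account, status);
    }

    /// The freeze is enforced here: a blacklisted sender or recipient reverts.
    function transfer(address to, uint256 value) external returns (bool) {
        if (isBlacklisted[msg.sender]) revert AccountBlacklisted(msg.sender);
        if (isBlacklisted[to]) revert AccountBlacklisted(to);
        if (balanceOf[msg.sender] < value) revert InsufficientBalance();
        unchecked { balanceOf[msg.sender] -= value; } // safe: checked above
        balanceOf[to] += value;
        emit Transfer(msg.sender, to, value);
        return true;
    }
}
```

A full ERC-20 would apply the same check in `transferFrom`; the `Blacklisted` event gives monitoring tools an on-chain record of each freeze.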
WazirX wallet exploit detailed
In detail, the cyberattack took advantage of discrepancies in WazirX’s wallet management system. Liminal, the digital asset custody and wallet infrastructure provider for WazirX, had data discrepancies that may have contributed to the attack. According to a post-mortem report of the incident that WazirX shared, the attacker changed the payload in order to take control of the wallet.
Some have speculated that the notorious Lazarus Group was involved, a view backed by leading crypto investigators such as ZachXBT and blockchain analytics firm Elliptic. One of the links cited is that Lazarus Group has previously conducted high-profile cyberattacks to raise money for North Korea's operations.
Due to the hack, WazirX has paused cryptocurrency and fiat-based withdrawals. The exchange gave assurances that stringent measures are being taken to trace the assets and recover the funds in cooperation with agencies and cybersecurity experts.
The incident exposes vulnerabilities in the cryptocurrency ecosystem with respect to wallet management systems and digital asset security at large. With investigations underway, the alleged crypto cyberattack of epic proportions has the entire community of crypto aficionados holding its breath.
The WazirX hack underlines the critical requirement of strong security measures and constant vigilance in the fast-moving world of digital finance. With continuously evolving tactics, digital asset custodians and exchanges have to stay a step ahead of hackers to protect users’ assets and ensure faith in the ecosystem.