The WazirX exchange in India has verified the occurrence of a security breach resulting in the disappearance of $230 million in digital currency assets.
“A digital breach took place in one of our [multi-signature] wallets wherein funds amounting to over $230 million were lost,” as mentioned by the company stated in an official declaration. “This specific wallet was being managed using Liminal’s digital asset protection and wallet structure starting from February 2023.”
The Mumbai-based organization detailed that the breach originated from a discrepancy between the information shown on Liminal’s screen and the actual content being approved. They explained that the relevant data had been altered to authorize control of the wallet to an attacker.
Liminal, a company specializing in safeguarding digital assets, is one of the six authorized parties associated with the wallet and is tasked with verifying transactions.
“Our initial investigations reveal that one of the autonomous multi-signature smart contract wallets constructed outside of the Liminal ecosystem had been breached,” conveyed Liminal in a sequence of posts uploaded on X.
“It is noteworthy that all WazirX wallets established on the Liminal platform continue to remain safe and secure. Additionally, the illicit transactions to the hacker’s wallets were conducted externally to the Liminal platform.”
Specialists at Elliptic, a blockchain insight company, asserted that the attack displays classic characteristics of threat actors linked to North Korea. They also stated that the criminals exchanged the stolen digital assets for Ether through various decentralized services.
This viewpoint was echoed by crypto analyst ZachXBT on X, who mentioned that “the breach at WazirX exhibits similarities to an attack by the Lazarus Group (yet again).”
Threat actors connected with North Korea have a history of executing cyber attacks against the digital currency industry since at least 2017 in order to circumvent international sanctions imposed on the country.
Earlier this year, the United Nations disclosed that it was scrutinizing 58 suspected infiltrations carried out by state-sponsored entities between 2017 and 2023, securing $3 billion in illicit profits to support its nuclear armaments program.
This revelation emerges amidst a coordinated law enforcement campaign codenamed Spincaster that dismantled deceitful networks profiting from approval phishing, a prevalent technique wherein funds are stolen via counterfeit digital currency applications and romantic deceptions (also known as pig butchering). An estimated $2.7 billion has been stolen through this method since May 2021.
“Using the approval phishing tactic, scammers deceive users into validating a corrupt blockchain transaction, granting the scammer’s wallet permission to spend specific tokens within the victim’s account, thereby allowing the scammer to drain the victim’s account of those tokens at their discretion,” outlined Chainalysis explained.
About Author
