CCT - Crypto Currency Tracker logo CCT - Crypto Currency Tracker logo
NewsBTC 2024-07-18 19:18:36

WazirX Exchange Releases Post-Mortem Report: Was North Korea Behind The $235M Exploit?

Indian-based cryptocurrency exchange WazirX recently fell victim to a significant security breach, resulting in the unauthorized transfer of over $230 million of assets. The incident led to the temporary suspension of withdrawals as the exchange worked to investigate and mitigate the breach. In a subsequent report released by WazirX, preliminary findings shed light on the causes of the exploit. At the same time, blockchain analytics firm Elliptic suggested the potential involvement of North Korea in this sophisticated attack. WazirX Multisig Wallet Breach WazirX disclosed that the cyber attack targeted one of their multisig wallets, which utilized the services of Liminal’s digital asset custody and wallet infrastructure since February 2023. The wallet allegedly had a configuration involving six signatories, including five from the WazirX team and one from Liminal, who were responsible for transaction verifications. Three WazirX signatories, who employed Ledger Hardware Wallets for added security, were required to approve a transaction, followed by the final approval from Liminal’s signatory. Related Reading: Crypto Analyst Predicts XRP Price To Hit $1.03 Soon, Warns Of Initial Dip Additionally, a whitelisting policy was in place to “enhance security,” allowing transactions solely to predefined addresses facilitated by Liminal. The exchange further disclosed that the breach originated from a “discrepancy” between the data displayed on Liminal’s interface and the actual contents of the transaction. During the attack, the exchange notes a “mismatch” between the information displayed on Liminal’s interface and what was signed. It is suspected that the payload was manipulated to transfer wallet control to the attacker, enabling them to exploit the vulnerability. North Korean Affiliation In $235M Breach? WazirX emphasized its implementation of “robust” security measures, including the Gnosis Safe multi-sig smart contract platform and Liminal’s whitelisting policy. Despite these precautions, the cyber attackers managed to breach the security features and execute the theft. Looking ahead, the exchange expressed its commitment to protecting customer assets and acknowledged the need for further investigation and reinforcement of security protocols. The exchange concluded by stating the following: This is a force majeure event beyond our control, but we are leaving no stone unturned to locate and recover the funds. We have already blocked a few deposits and reached out to concerned wallets for recovery. We are in touch with the best resources to help us in this endeavor. While these are our findings from our preliminary investigation, we will keep you posted with further updates. Together with your support, we shall overcome this challenge and emerge stronger and more resilient than ever. Related Reading: MOVR Bulls Assemble: Crypto Analyst Says A 2,000% Surge To $234 Is Imminent Blockchain analytics firm Elliptic, on the other hand, conducted an independent analysis of the exploit and indicated a potential connection to North Korea. According to Elliptic’s findings, approximately $235 million in various crypto assets were lost in the breach, including Shiba Inu (SHIB), Ethereum (ETH), Polygon (MATIC), and Pepe. The thief has reportedly converted some of these tokens into Ether using decentralized services, a common step in the laundering process. On-chain analysis and additional information reviewed by Elliptic suggest the alleged involvement of hackers affiliated with North Korea. Featured image from DALL-E, chart from TradingView.com

阅读免责声明 : 此处提供的所有内容我们的网站,超链接网站,相关应用程序,论坛,博客,社交媒体帐户和其他平台(“网站”)仅供您提供一般信息,从第三方采购。 我们不对与我们的内容有任何形式的保证,包括但不限于准确性和更新性。 我们提供的内容中没有任何内容构成财务建议,法律建议或任何其他形式的建议,以满足您对任何目的的特定依赖。 任何使用或依赖我们的内容完全由您自行承担风险和自由裁量权。 在依赖它们之前,您应该进行自己的研究,审查,分析和验证我们的内容。 交易是一项高风险的活动,可能导致重大损失,因此请在做出任何决定之前咨询您的财务顾问。 我们网站上的任何内容均不构成招揽或要约