The breach exploited a vulnerability in the exchange’s multi-signature wallet system, compromising the security of stored funds. To mitigate further losses and ensure the protection of remaining assets, WazirX has temporarily halted customer withdrawals.
“Trading has been temporarily paused. The cyber attack theft has impacted our ability to maintain 1:1 collaterals with assets, and we’ve temporarily paused trading. We’re conducting thorough forensic data examination and security audit procedures and working to enable withdrawals soon. User safety remains our top priority. Thank you for your patience and support during this challenging time. We will continue to provide regular updates 🙏,” read the post.
Biggest Crypto hack in recent times
Based on the Cyvers estimate, the amount lost from the multiple-signature wallet on WazirX would be one of the biggest crypto thefts in recent years and comes just a month after Japanese crypto exchange DMM Bitcoin lost over $300 million in a hack
The incident is said to have raised concerns about the exchange’s security protocols and its ability to safeguard user funds. Some are also questioning WazirX’s claim of maintaining a 1:1 collateral ratio with assets, sparking fears among investors about potential losses.
Hackers may have links to North Korea
In an attempt to recover the stolen funds, WazirX has launched a bounty program offering up to $23 million for information leading to the arrest of the culprits and the return of the stolen assets. Preliminary investigations by risk-management firm Elliptic suggest that the hackers may have links to North Korea.
Elliptic said in a blog post that hackers affiliated with North Korea appear to have carried out the hack. “The North Korea attribution is based on similarities in the types of services used by these hackers in the past, as well as similarities in their transactional behavior,” Tom Robinson, co-founder of Elliptic, said in an email.