The Indian cryptocurrency exchange WazirX has reportedly suffered a major security breach, with its multisig wallet suspected to be compromised.
Over 200 tokens were stolen, resulting in a total loss of approximately $231 million.
🚨The multisig wallet of Indian exchange #WazirX is suspected to be compromised.
More than 200 tokens were stolen with a total loss of ~$231M. pic.twitter.com/cwRtN3muft
— Beosin Alert (@BeosinAlert) July 18, 2024
Some of the stolen funds from WazirX were traced to ChangeNOW and Binance. The deposit address of the exploiter at Binance is 0xf92949ab576ac2f8dc9e4650e73db083f1f9cd9f.
Some of the @WazirXIndia stolen funds were sent to @ChangeNOW_io and @binance.
The deposit address of the exploiter at @binance:
0xf92949ab576ac2f8dc9e4650e73db083f1f9cd9f https://t.co/U0aJ7Td48E pic.twitter.com/BO89iogY6s— Beosin Alert (@BeosinAlert) July 18, 2024
The attack appears to have been executed by an attacker who obtained the admin signature data from WazirX’s multisig wallet. The attacker then modified the wallet’s logic contract, making the wallet execute incorrect logic to steal assets. The attacker’s address is identified as 0x6eedf92fb92dd68a270c3205e96dccc527728066.
The attacker deployed an attack contract at address 0x27fd43babfbe83a81d14665b1a6fb8030a60c9b4. This contract’s function was to withdraw specified token assets from it. By obtaining signature data from the WazirX multisig wallet, the attacker modified the wallet’s logic contract to the pre-deployed attack contract.
Subsequently, the attacker submitted a token withdrawal transaction to the WazirX multisig wallet. Due to the proxy pattern mechanism, the wallet contract used delegatecall to call the relevant functions of the attack contract, effectively transferring the wallet’s tokens to the attacker.
Affected Tokens From WazirX Recent Hack
The stolen assets include significant amounts of various tokens:
- – 5.43 trillion SHIB ($102 million)
- – 15,298 ETH ($52.5 million)
- – 20.5 million MATIC ($11.24 million)
- – 640.27 billion PEPE ($7.6 million)
- – 5.79 million USDT
- – 135 million GALA ($3.5 million)
Update:#WazirX has ~$230M in assets stolen. Including:
5.43T $SHIB($102M)
15,298 $ETH($52.5M)
20.5M $MATIC($11.24M)
640.27B $PEPE($7.6M)
5.79M $USDT
135M $GALA($3.5M)
…‼️Please note that the hacker is selling these assets!https://t.co/1uOozAVeM1 https://t.co/ogtVSFITK9 pic.twitter.com/3vPmxqXwbL
— Lookonchain (@lookonchain) July 18, 2024
This incident has raised serious concerns about the security of multisig wallets and the vulnerabilities that can be exploited by sophisticated attackers. WazirX is currently investigating the breach and working with authorities and other exchanges to trace and recover the stolen funds.
The cryptocurrency community is urged to stay vigilant and take necessary precautions to protect their assets in light of this significant breach.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news!
Image Source: Max Bender/Unsplash // Image Effects by Colorcinch