Security Breach at WazirX Leads to $230 Million Cryptocurrency Theft

The Indian cryptocurrency exchange WazirX has confirmed a major security breach in which attackers stole cryptocurrencies worth $230 million. It reported that the attack targeted one of its multicurrency wallets, whose infrastructure Liminal has managed since February of this year.

The company explained that the exploit relied on a discrepancy between what users saw on Liminal's interface and the transactions that were actually signed. This discrepancy, combined with an altered transaction payload, was enough for the attacker to take control of the wallet. WazirX added that Liminal also bears responsibility, as the firm is one of the six signatories involved in verifying transactions made from the exploited wallet.

In response, Liminal said that the compromise affected a self-custody multi-signature smart contract wallet developed outside its ecosystem. It added that all wallets WazirX created on the Liminal platform are secure and unaffected by the breach. Liminal's statements on social media emphasized that the malicious transaction occurred outside its platform and that its internal systems remained intact.

According to blockchain analytics firm Elliptic, the attack was of the same nature as those carried out by North Korean threat actors. The firm explained that the stolen crypto assets were converted to Ether through various decentralized services, a method these attackers are known to use. Cryptocurrency researcher ZachXBT shared this view, stressing that one of the main suspects might be the notorious cybercrime organization Lazarus Group, which is connected to North Korea.

North Korean threat actors are known for targeting the cryptocurrency sector and have conducted cyber attacks to circumvent international sanctions. This has been going on since 2017, and there have been several headline heists. The WazirX case seems to follow that pattern, in which advanced techniques were used to compromise digital assets and ease their transfer.
