WazirX, an Indian cryptocurrency exchange, announced on July 18th that one of its multisig wallets had been severely compromised. The hack drained funds worth over $230 million, prompting WazirX to temporarily halt all withdrawals to protect the remaining assets. The breach, which the exchange confirmed in a statement on X on July 18th, has critically strained WazirX’s efforts to mitigate the situation and reassure its customers.
On Friday morning, WazirX disclosed further details of the hack. The compromised wallet has used Liminal’s digital asset custody and infrastructure since February 2023. The wallet was configured with six signatories: five from WazirX and one from Liminal. A transaction required approval from three of the WazirX signatories and from Liminal, and a security rule allowed transactions only to pre-approved addresses.
At WazirX, our commitment to transparency and community welfare is paramount. There was a cyber attack on one of our multisig wallets. Below are the preliminary findings to clarify the situation:
» Incident Overview: A cyber attack occurred in one of our multisig wallets…
— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 18, 2024
The attacker exploited a flaw in the gap between what Liminal’s interface displayed and the transaction that was actually executed, using it to hijack the wallet and bypass the enforced security provisions. Even though the compromise implied that WazirX’s security was subpar, the exchange restored its systems, turned off all deposits, and began following leads on the stolen assets and logging its progress. Liminal noted in a separate statement that its system had been untouched and that the compromised wallet had been generated outside its platform.
Multisig wallets, which require multiple private keys to approve a transaction, are designed to be secure. Nonetheless, the attackers found a way around WazirX’s protections, while the centralized exchange (CEX) turned off all further deposits and actively planned to recover the compromised assets.
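The approval rule described above (three WazirX signers plus Liminal, destinations limited to pre-approved addresses) only protects a wallet if it is evaluated against the bytes actually being signed, not against the summary an interface shows. The sketch below is an added example, not WazirX’s or Liminal’s code: the addresses, signer names and the `evaluate` and `make_transfer` helpers are constructed, and it assumes the payload is a standard ERC-20 `transfer(address,uint256)` call.

```python
TRANSFER_SELECTOR = bytes.fromhex("a9059cbb")  # ERC-20 transfer(address,uint256)

# Constructed values for illustration only (not real addresses or signer IDs).
WHITELIST = {"0x" + "11" * 20}
EXCHANGE_SIGNERS = {"wx1", "wx2", "wx3", "wx4", "wx5"}
CUSTODIAN_SIGNER = "custodian"


def decode_transfer(calldata: bytes):
    """Return (recipient, amount) from ERC-20 transfer calldata, else raise."""
    if len(calldata) != 4 + 32 + 32 or calldata[:4] != TRANSFER_SELECTOR:
        raise ValueError("payload is not a plain ERC-20 transfer")
    if any(calldata[4:16]):  # the address word must be left-padded with zeros
        raise ValueError("malformed address word")
    recipient = "0x" + calldata[16:36].hex()
    amount = int.from_bytes(calldata[36:68], "big")
    return recipient, amount


def evaluate(displayed: dict, calldata: bytes, approvals: set) -> list:
    """Return the policy violations for a signing request; empty means OK."""
    try:
        recipient, amount = decode_transfer(calldata)
    except ValueError as exc:
        return [f"reject: {exc}"]
    problems = []
    if (recipient, amount) != (displayed["to"].lower(), displayed["amount"]):
        problems.append("displayed summary does not match signed payload")
    if recipient not in WHITELIST:
        problems.append("recipient not on pre-approved list")
    if len(approvals & EXCHANGE_SIGNERS) < 3:
        problems.append("fewer than three exchange approvals")
    if CUSTODIAN_SIGNER not in approvals:
        problems.append("custodian approval missing")
    return problems


def make_transfer(to: str, amount: int) -> bytes:
    """Build constructed ERC-20 transfer calldata for the demo."""
    return TRANSFER_SELECTOR + bytes(12) + bytes.fromhex(to[2:]) + amount.to_bytes(32, "big")


if __name__ == "__main__":
    ui = {"to": "0x" + "11" * 20, "amount": 500}  # what the interface shows
    signers = {"wx1", "wx2", "wx4", "custodian"}
    print(evaluate(ui, make_transfer("0x" + "11" * 20, 500), signers))
    print(evaluate(ui, make_transfer("0x" + "ee" * 20, 500), signers))
```

Running the check on an independent device or service, separate from the interface that renders the summary, is what makes the comparison meaningful.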
However, those efforts were undercut when the attacker sold off its Shiba Inu holdings. Arkham Intelligence announced that the hacker no longer holds Shiba Inu (SHIB) tokens. Of the $230 million stolen, the hacker has already sold off $102.1 million worth of SHIB taken from WazirX. This sell-off has added urgency to WazirX’s efforts to speed up recovery operations, secure the exchange, and retrieve the stolen funds.
The way forward
WazirX reassured all stakeholders of its commitment and said more updates would be shared as they are discovered. The CEX’s next steps involve securing its framework against further breaches, recovering stolen funds, and rebuilding customer trust.
This isn’t the first time WazirX has been scrutinized over security and regulatory issues. In 2021, the exchange faced questions from authorities regarding alleged failures to comply with anti-money laundering protocols. Moreover, earlier this year, during a period of unusually high trading volume, WazirX experienced technical difficulties that necessitated temporary shutdowns and frustrated customers.
While strenuous efforts have been made to rebuild trust among users following these setbacks, the current breach has undone much of that work. Further complicating matters, it remains unclear in the wake of the hack precisely what user data may have been stolen and how victims can reasonably hope to be compensated for any losses. Moving forward, damage control and bolstering defenses against a repeat of this compromise will need to become a top priority if the exchange is to avoid even deeper troubles ahead.