WazirX Cyber Attack Update: Company Reveals Initial Findings

Hours after the prominent Indian cryptocurrency exchange WazirX suffered a significant cyber attack resulting in a loss exceeding $230 million, the company has disclosed its preliminary findings regarding the incident. The attack targeted one of its multisig wallets, which was managed using Liminal’s digital asset custody and wallet infrastructure since February 2023.

Key Takeaways

• WazirX reported a loss of over $230 million due to a cyber attack.
• The breach involved a multisig wallet with six signatories.
• Initial findings suggest a discrepancy in data displayed on Liminal’s interface led to the attack.
• The company is actively working to recover the lost funds.

Overview Of The Attack

The cyber attack on WazirX was executed through a multisig wallet that required multiple approvals for transactions. The wallet had six signatories: five from WazirX and one from Liminal. Typically, a transaction needed the approval of three WazirX signatories, all of whom utilized Ledger Hardware Wallets for enhanced security, followed by the final approval from Liminal’s representative.

However, the attackers managed to exploit a flaw in the system. They swapped various assets, including Tether, Pepe, and Gala, for Ether before the breach was publicly acknowledged.

Wallet Configuration And Breach Mechanics

WazirX provided insights into the wallet's configuration and the mechanics of the breach:

• Signatories: Six total (five WazirX, one Liminal).
• Approval Process: Requires three WazirX signatories and one from Liminal.
• Security Measures: Utilized Gnosis Safe multisig smart contract and a whitelisting policy for destination addresses.

The company suspects that the attack stemmed from a mismatch between the data displayed on Liminal’s interface and the actual transaction contents. This discrepancy may have allowed the attackers to replace the payload, effectively transferring control of the wallet to them.

Company Response And Recovery Efforts

In light of the attack, WazirX has categorized the incident as a “force majeure,” indicating that it was beyond their control. The company is taking several steps to mitigate the damage and recover the lost funds:

• Blocking Deposits: Certain deposits have been blocked to prevent further losses.
• Outreach: The company is reaching out to affected wallets in an attempt to recover the stolen assets.
• Expert Assistance: WazirX is collaborating with top resources to aid in the recovery process.

Despite implementing robust security measures, the company acknowledged that the attackers managed to breach these defenses, leading to the theft. WazirX remains committed to protecting customer assets and is actively pursuing all avenues to recover the lost funds.

Conclusion

The WazirX cyber attack serves as a stark reminder of the vulnerabilities present in the cryptocurrency space. As the company works diligently to recover from this incident, it highlights the importance of continuous security enhancements and vigilance in safeguarding digital assets.

Sources

• WazirX cyber attack update: Company discloses initial findings, MSN.