
$235M Crypto Theft from WazirX is Linked to North Korean Hackers, Says Elliptic

July 18, 2024

Blockchain analytics firm Elliptic has identified North Korean hackers as the likely culprits behind the latest substantial security breach at WazirX, an Indian cryptocurrency exchange, which took place earlier today.

After identifying the breach, WazirX was quick to update its users on X, noting:

“Update: We're aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident.

“To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We'll keep you posted with further updates.”

This incident resulted in the theft of approximately $235 million worth of cryptocurrencies, marking one of the most significant exploits in the crypto space this year.

The Heist Unfolded

On the morning of the attack, Elliptic swiftly pinpointed the compromise of WazirX's security, attributing it to sophisticated cybercriminals with ties to North Korea.

The theft encompassed a vast array of digital assets, including major cryptocurrencies like Ethereum and niche tokens such as Shiba Inu and MATIC.

Crypto assets stolen from the WazirX hack. | Source: Elliptic

According to Elliptic's report, these funds were promptly moved to various blockchain addresses, initiating a complex laundering process to obscure the trail of stolen assets.

The hackers' methodology involved sophisticated techniques commonly associated with state-sponsored actors. Shortly after the funds were exfiltrated, the stolen crypto was funneled through Tornado Cash, a service known for its ability to mask transaction histories.

This initial move was aimed at complicating the tracking of the stolen assets. Subsequently, the funds were exchanged for Ethereum through decentralized platforms, further diluting any direct link to the original theft.

Elliptic's response was swift. They incorporated the addresses used by the hackers into their tracking system to alert their clients about potential exposure to these tainted funds.

Moreover, the blockchain community has been vigilant, with notable figures like blockchain investigator ZachXBT contributing to the efforts by linking some of the illicit transactions to identifiable accounts, which could potentially lead to more significant breakthroughs in tracing the stolen funds.
