WazirX Hacking Incident Analysis
Contents
WazirX Hack Incident Analysis by Cobo's Security Team
October 10, 2024
1 Incident Overview
On July 18, 2024, WazirX, an Indian cryptocurrency exchange, fell victim to a major cyberattack. The attackers targeted a multi-signature wallet by manipulating the signers into approving a malicious smart contract upgrade. This breach allowed them to illegally transfer approximately $230 million worth of digital assets into their own wallets.
2 Incident Analysis
Note: The following analysis is done by Cobo's security team. It is based on post-mortem reports from WazirX and Liminal Custody, on-chain data, and publicly available information. The information may be incomplete or contain errors. It’s advised to verify with the involved companies for full details.
Sources:
2.1 Wallet Configuration and Signature Exploits
The compromised wallet was a Safe (formerly known as Gnosis Safe) multi-signature wallet using a 4-of-6 signature scheme. Five keys were held by WazirX in hardware wallets, while the sixth was an HSM key from Liminal Custody. This …
October 10, 2024
1 Incident Overview
On July 18, 2024, WazirX, an Indian cryptocurrency exchange, fell victim to a major cyberattack. The attackers targeted a multi-signature wallet by manipulating the signers into approving a malicious smart contract upgrade. This breach allowed them to illegally transfer approximately $230 million worth of digital assets into their own wallets.
2 Incident Analysis
Note: The following analysis is done by Cobo's security team. It is based on post-mortem reports from WazirX and Liminal Custody, on-chain data, and publicly available information. The information may be incomplete or contain errors. It’s advised to verify with the involved companies for full details.
Sources:
2.1 Wallet Configuration and Signature Exploits
The compromised wallet was a Safe (formerly known as Gnosis Safe) multi-signature wallet using a 4-of-6 signature scheme. Five keys were held by WazirX in hardware wallets, while the sixth was an HSM key from Liminal Custody. This …