2025-01-21
SOCRadar
Major Cyberattacks Targeting Cryptocurrency & NFT Industry
#AxieInfinity
#BingX
#Coincheck
#Cryptocurrency
#DMM
#Lazarus
#WazirX
WazirX
#WazirX
- Reported: 2024-07
- Locations: India
- Motivations: #FinancialGain
- Sectors: #Cryptocurrency
Summary
WazirX recently experienced a cyber attack on one of its multisig wallets, leading to a loss of over $230 million. This wallet, managed using Liminal’s digital asset custody services since February 2023, had six signatories: five from WazirX and one from Liminal. Transactions required approvals from three WazirX signatories and one from Liminal, with a policy to whitelist destination addresses to enhance security.
The attack exploited a discrepancy between the data shown on Liminal’s interface and the actual transaction contents. The attackers likely replaced the transaction payload, enabling them to gain control of the wallet.
Despite robust security measures, including the Gnosis Safe multisig platform and Liminal’s whitelisting policy, the attackers breached these defenses. WazirX is actively working to recover the stolen funds, having already blocked some deposits and reached out to relevant wallets.
WazirX emphasizes their commitment to transparency and is continually investigating the incident, seeking to recover the funds and strengthen their security to prevent future attacks.
Affected Wallet Address: 0x27fD43BABfbe83a81d14665b1a6fB8030A60C9b4