Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets.

"A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million," the company said in a statement. "This wallet was operated utilizing the services of Liminal's digital asset custody and wallet infrastructure from February 2023."

The Mumbai-based company said the attack stemmed from a mismatch between the information that was displayed on Liminal's interface and what was actually signed. It said the payload was replaced to transfer wallet control to an attacker.

Crypto custody firm Liminal is one of the six signatories on the wallet and is responsible for transaction verifications.

"Our preliminary investigations show that one of the self custody multi-sig smart contract wallets created outside of the Liminal ecosystem has been compromised," Liminal said in a series of posts shared on X.

"It is also pertinent to note that all WazirX wallets created on the Liminal platform continue to remain secure and protected. Meanwhile, all the malicious transactions to the attacker's addresses have occurred from outside of the Liminal platform."

Blockchain analytics firm Elliptic said the attack has all the hallmarks of North Korean threat actors, and that the attackers have taken the step of swapping the crypto assets for Ether using various decentralized services.

This was also reiterated by crypto researcher ZachXBT on X, who said "the WazirX hack has the potential markings of a Lazarus Group attack (yet again)."

Threat actors affiliated with North Korea have a track record of staging cyber attacks targeting the cryptocurrency sector since at least 2017 as a way to get around international sanctions imposed against the country.

Earlier this year, the United Nations said it was probing 58 suspected intrusions carried out by the nation-state actors between 2017 and 2023 that netted $3 billion in illegal revenues to help it advance its nuclear weapons program.

The disclosure comes against the backdrop of a coordinated law enforcement operation codenamed Spincaster that shut down scam networks making illicit profits off approval phishing, a popular tactic in which funds are stolen through fake crypto apps and romance scams (aka pig butchering). As much as $2.7 billion is estimated to have been stolen using this method since May 2021.

"With the approval phishing technique, the scammer tricks the user into signing a malicious blockchain transaction that gives the scammer's address approval to spend specific tokens inside the victim's wallet, allowing the scammer to then drain the victim's address of those tokens at will," Chainalysis said.
Update#

WazirX has announced a bug bounty program in response to a cyber attack to help uncover "actionable intelligence" that could lead to the freezing of the stolen assets, in addition to offering a reward equivalent to 10% of the recovered amount.

The crypto exchange has since notified the Financial Intelligence Unit—India (FIU-IND) and CERT-In, and has temporarily paused trading.



Note: If this article has helped, please feel free to share. If you'd like to participate and post an article, please send your submissions to info@certificationpoint.org


—————————————---
MARKETING & PROMOTION
—————————————---

Check Out Our Video!
A Smarter Way To Collaborate: https://m.youtube.com/watch?v=hyRxJvIXNR0

Register @ CertificationPoint!
—————————————
https://www.certificationpoint.org/member/index.php?command=signup_page

Find Out More About Student FreelanceWork EXperience Builders
——————————————————————————--------
http://www.certificationpoint.org/stude ... elance.php

Take An Exam Today @ CertificationPoint
——————————--------------------------
http://certificationpoint.net/register.php

APPRENTICESHIPS @ CERTIFICATIONPOINT
——————————-----------------------------------
http://www.certificationpoint.org/Apprenticeship.php

INVESTING IN CERTIFICATIONPOINT
——————————-----------------------
http://www.certificationpoint.org/invest.php

SOCIAL MEDIA
———————
Find us on Twitter: https://twitter.com/@certpointorg
Find us on Facebook: https://www.facebook.com/CertificationPoint
Find us on Google+: https://plus.google.com/117737803640713546061
Find us on Instagram: https://www.instagram.com/certificationpoint/
Find us on Tumblr: https://www.tumblr.com/blog/certificationpoint
Find us on LinkedIn: https://www.linkedin.com/in/certification-point-65a1642b
Find us on Pinterest: https://www.pinterest.com/certoken/

Additional Options For SHARING CertificationPoint
——————————————————-------------
https://www.scribd.com/document/696921433/CertificationPoint-Manifesto
https://www.scribd.com/document/696921430/CertificationPoint-Student-Poster
https://www.scribd.com/document/696921429/CertificationPoint-Student-Flyer
https://www.scribd.com/document/696921428/CertificationPoint-Inc-Course-Catalog-2024
https://www.scribd.com/document/696921427/CertificationPoint-Magazine