WazirX halts trading after a $234 million hack

Reports show that hackers have targeted WazirX, an Indian crypto exchange. Based on information provided by the security platform Cyvers, several transactions have been flagged as suspicious. 

Also Read: BlockFi to start temporary crypto distribution via Coinbase

Due to the security breach, the Indian exchange has decided to temporarily suspend the withdrawal of cryptocurrencies and INR on their platform. Web3 security firm Cyvers has detected “multiple suspicious transactions” involving WazirX’s Safe Multisig wallet on Ethereum.

In an X post, Cyvers writes to WazirX, “Our system has detected multiple suspicious transactions involving your Safe Multisig wallet on the ETH network. A total of $234.9M of your funds have been moved to a new address. Each transaction’s caller is funded by @TornadoCash”

According to the Cyvers report, “The suspicious address has already swapped PEPE, GALA, and USDT to ETH and continues to swap other digital assets.” 

According to a Telegram message in the “Investigations by ZachXBT” channel, crypto sleuth ZachXBT revealed that the suspected principal attacker’s address still has over $104 million to dump. ZachXBT writes: “Attacker still has $100M+ worth of SHIB and $4.7M+ FLOKI to sell.”

In addition, the address holdings comprised approximately $100 million Shiba Inu, $52 million ETH, and $11 million Polygon. The wallet also had $4.7 million FLOKI, $3.2 million Fantom, $2.8 million Chainlink, and $2.3 million Fetch.ai (FET), with the rest split among other tokens.

According to data from Lookonchain, the attacker has started moving the stollen crypto in SHIB. In an X post, they write, “Note that #WazirX exploiter has started selling $SHIB! WazirX exploiter has sold 35B $SHIB($618K) and currently holds 5.4T $SHIB($95.45M).”

In a recent post by the official exchange, the WazirX team said that they are currently investigating the incident and will provide updates as the situation progresses.

Their official report on X reads, “We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We’ll keep you posted with further updates.”

The team or person behind the hack has yet to be identified. However, here is the primary theft address as provided by ZachXBT: 0x04b…1a88.

[This is an unfolding story , more details will follow with updates]