Indian crypto platform WazirX confirms $230 million stolen during cyberattack

At least $230 million worth of cryptocurrency was stolen from an India-based cryptocurrency platform named WazirX on Wednesday night.

Several blockchain security firms and researchers saw millions in digital coins flowing out of the platform before the company acknowledged a security breach. 

“Our team is actively investigating the incident,” the company said in a message posted to social media on Thursday morning. In an effort to keep the remaining assets safe, the platform shut down all withdrawals. 

The company did not respond to requests for comment about what will be done to repay customers who suffered losses. But in a second statement on Thursday afternoon, WazirX said a preliminary investigation found that the losses exceeded $230 million.

At WazirX, our commitment to transparency and community welfare is paramount. There was a cyber attack on one of our multisig wallets. Below are the preliminary findings to clarify the situation:

» Incident Overview: A cyber attack occurred in one of our multisig wallets…

— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 18, 2024

WazirX said that despite their efforts to protect customer assets, the attackers “appear to have breached” their security features before the theft occurred. 

“This is a force majeure event beyond our control, but we are leaving no stone unturned to locate and recover the funds. We have already blocked a few deposits and reached out to concerned wallets for recovery,” the company said. 

In June, the company reported that it had about $500 million in reserves. 

Founded in 2017, the platform is one of the largest cryptocurrency exchanges in India, allowing people to buy, sell and trade digital assets. The company was reportedly purchased by Binance in 2019 but the two sides later clarified in 2022 that the crypto giant only intended “to purchase certain assets and intellectual property of WazirX.”

On Wednesday night, blockchain security companies including Elliptic, Arkham and BlockSec said there was clear evidence of millions worth of cryptocurrency being siphoned out of WazirX. 

Elliptic pegged the losses at $235 million and broke down the currencies stolen, which include ETH, some U.S. dollar-pegged stablecoins and more. 

The attackers have “already swapped a number of these tokens for Ether using a variety of decentralized services,” according to Elliptic, which attributed the incident to hackers affiliated with North Korea based on blockchain data and other information reviewed by the company. 

Another prominent crypto hack researcher said the attack “has the potential markings of a Lazarus Group attack” — referencing a prominent North Korean hacking group known for headline-grabbing crypto platform thefts. 

Experts at the United Nations are investigating 58 cyberattacks on cryptocurrency firms allegedly conducted by North Korean hackers that allowed attackers to rake in about $3 billion over a six-year span. 

Cybercriminals and nation-states continue to exploit vulnerabilities in crypto platforms enabling large-scale heists. Just this week, another popular crypto platform saw about $8 million stolen and last month more than $300 million worth of Bitcoin was stolen from Japanese cryptocurrency exchange DMM Bitcoin.