Indian cryptocurrency exchange WazirX has faced a significant security breach, leading to unauthorized withdrawals amounting to over $230 million. The incident occurred during the early hours of Thursday, according to European time zones. This breach has raised serious concerns within the cryptocurrency community and has prompted immediate action from the exchange.
In response to the breach, WazirX quickly issued a statement on the social media platform X, informing users of the situation and the measures being taken to address it. The statement read, "We're aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We'll keep you posted with further updates."
To mitigate further risks, WazirX has temporarily halted all withdrawals while it continues to assess the extent of the breach. The exchange has identified additional smart contracts that were exploited and has set up a dedicated website for users to revoke all approvals to secure their funds. This proactive measure aims to prevent further unauthorized transactions and to protect users' assets.
Multisig, or multi-signature wallets, are designed to enhance security by requiring multiple private keys to authorize transactions. Despite this additional layer of security, the breach at WazirX highlights vulnerabilities that can still exist in these systems. The incident underscores the need for constant vigilance and advanced security measures in the cryptocurrency industry.
Blockchain analytics firm Lookonchain has been tracking early data related to the breach. According to their findings, substantial amounts of cryptocurrency were extracted from the compromised wallet. The stolen assets include over $100 million in Shiba Inu (SHIB) tokens, $52 million in Ether (ETH), $11 million in Matic (MATIC), and $6 million in Pepe (PEPE). The data also indicates that the attacker is actively trading the stolen assets on Uniswap, a decentralized finance (DeFi) protocol.
WazirX primarily serves the Indian market and is registered with India's Financial Intelligence Unit (FIU), allowing it to operate legally within the country. Despite the breach, WazirX remains a significant player in the Indian cryptocurrency market. According to recent data from CoinGecko, WazirX has handled a trading volume of approximately $2.2 million in the past 24 hours, with a significant focus on transactions involving tether (USDT) and XRP.
This security breach at WazirX has broader implications for the cryptocurrency industry, particularly concerning the security of digital assets. While multisig wallets are considered secure, this incident demonstrates that even advanced security measures can be vulnerable to sophisticated attacks. The breach serves as a reminder to all cryptocurrency exchanges and users to continuously update and improve their security protocols.
As WazirX continues to investigate the breach, the exchange is committed to keeping its users informed with regular updates. The priority remains to ensure the safety and security of users' assets while working to restore normal operations. The exchange's swift response and ongoing efforts to secure user funds reflect its dedication to maintaining trust within the cryptocurrency community.