Web3 security firm Cyvers and ZachXBT report that the Indian crypto exchange, WazirX, has been potentially hacked. Cyvers told WazirX on X, “Our system has detected multiple suspicious transactions involving your Safe Multisig wallet on the ETH network.”
Hacker drains over $230 million from WazirX
Based on the X post, it is reported that funds totaling $234.9 million from the WazirX Safe Multisig wallet have been transferred to a new address. In addition, each transaction’s caller was funded by Tornado Cash, a decentralized protocol known to aid private transactions.
Cyvers reports that the hacker’s address later began a series of crypto swaps. Cyvers adds, “The suspicious address has already swapped PEPE, GALA, and USDT to ETH and continues to swap other digital assets.”
According to a Telegram post in the “Investigations by ZachXBT” channel, ZachXBT says that the attacker’s address still has over $100 million to dump. ZachXBT announces that ” the Attacker still has $100M+ worth of SHIB and $4.7M+ FLOKI to sell.”
According to on-chain data, the attacker had around $100 million in Shiba Inu, $52 million in ETH, and $11 million in Polygon. The wallet address also has $3.2 million Fantom, $2.3 million Fetch.ai, $4.7 million FLOKI, and $2.8 million Chainlink (FET).
The Sell-off
Unlike a few stories where the hacker returned the funds to the exchanges, the WazirX hacker has no remorse. Within a few hours of the hack, the hacker initiated their first sale worth over $618K in $SHIB.
Note that #WazirX exploiter has started selling $SHIB!#WazirX exploiter has sold 35B $SHIB($618K) and currently holds 5.4T $SHIB($95.45M).https://t.co/nRHmm24ZSl pic.twitter.com/DRzmaIbiqH
— Lookonchain (@lookonchain) July 18, 2024
According to lookonchain data, the hacker still holds 5.4T $SHIB, which is valued at over $95M.
The WazirX team has responded to the security breach and temporarily paused the withdrawal of crypto and INR from the platform. In an X post WazirX, the team says they are “actively investigating the incident.”
The official statement by WazirX reads, “We’re aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We’ll keep you posted with further updates.”
It remains to be seen if the hacker will have a change of heart and return the money to the exchange in exchange for a bounty and a walk-out-of-jail-free card.