WazirX cyber attack update: Company discloses initial findings

WazirX cyber attack update: Company discloses initial findings
ôîòî ïîêàçàíî ñ : invezz.com

2024-7-19 21:44

Hours after prominent Indian cryptocurrency exchange WazirX fell prey to a cyber attack which led to a loss of funds exceeding $230 million, the company has revealed its preliminary findings related to it.

“A cyber attack occurred in one of our multisig wallets involving a loss of funds exceeding $230 million. This wallet was operated utilizing the services of Liminal’s digital asset custody and wallet infrastructure from February 2023,” WazirX said.

Web3 security firm Cyvers had first detected several suspicious transactions that moved $234.9 million of funds from the exchange’s wallet to a new address. 

It had flagged the same in a post on ‘X’ earlier on Thursday.

The attacker had already swapped multiple assets, including Tether, Pepe, and Gala, to Ether, by the time the hack was brought out in public domain.

Wallet configuration and breach mechanics

The company in its statement laid out the wallet configuration mechanism and how the breach may have occurred.

“The wallet had six signatories—five from our WazirX team and one from Liminal, who were responsible for transaction verifications. A transaction typically requires approval from three of the WazirX signatories (all three of whom use Ledger Hardware Wallets for security), followed by the final approval from Liminal’s signatory. A policy to whitelist destination addresses was also in place to enhance security. These whitelisted addresses were earmarked and facilitated on the interface by Liminal; consequently, the WazirX team had the ability to initiate transactions to the said whitelisted addresses.”

How did the attack occur?

“The cyber attack stemmed from a discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents. During the cyber attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. We suspect the payload was replaced to transfer wallet control to an attacker.”

According to the company, it has “robust” security features, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy.

“Despite us taking all necessary steps to protect the customer assets, the cyber attackers appear to have possibly breached such security features, and the theft occurred,” it said.

Action taken by the company

WazirX said the event was a “force majeure”, beyond its control but it is putting in its best efforts to locate and recover the funds.

We have already blocked a few deposits and reached out to concerned wallets for recovery. We are in touch with the best resources to help us in this endeavor.

The post WazirX cyber attack update: Company discloses initial findings appeared first on Invezz

Similar to Notcoin - Blum - Airdrops In 2024

origin »

WazirX (WRX) íà Currencies.ru

$ 0 (+0.00%)
Îáúåì 24H $0
Èçìåíåèÿ 24h: 0.00 %, 7d: 0.00 %
Cåãîäíÿ L: $0 - H: $0.0953866
Êàïèòàëèçàöèÿ $0 Rank 99999
Äîñòóïíî / Âñåãî 0 WRX

findings company attack cyber wazirx 230 exceeding

findings company → Ðåçóëüòàòîâ: 47


Hackers Have Received Over $81M in Crypto since January Due to Ransomware: Chainalysis Report

Blockchain and crypto analytic firm Chainalysis has released its mid-year findings, which show that ransomware victims have paid approximately $81 million worth of crypto this year. The company noted that the $81 million figure is likely to rise in the coming days as more ransomware addresses are identified and, as such, the figure should be […] The post Hackers Have Received Over M in Crypto since January Due to Ransomware: Chainalysis Report first appeared on BitcoinExchangeGuide.

2021-5-17 18:59


Ôîòî:

Report Cuts China’s Bitcoin Mining Capacity to 50% of World Total, Raises US’ to 14%

A new report by crypto research company Bitooda claims that China accounts for only 50% of global Bitcoin mining capacity, and the U.S. 14%. The data is in sharp contrast with earlier findings from the University of Cambridge Centre for Alternative Finance (CCAF), which put China’s share of the world hash rate at 65% and […] The post Report Cuts China’s Bitcoin Mining Capacity to 50% of World Total, Raises US’ to 14% appeared first on Bitcoin News.

2020-7-18 03:05


Chinese Bitcoin Mining Firm Canaan Is Rumored To Have Filed For IPO In The US: IFRAsia Findings

A major Bitcoin (BTC) miner manufacturer from China called Canaan Creative is rumored to have just filed for an Initial Public Offering (IPO) in the United States. According to IFRAsia, some inside sources have claimed that the Chinese company wants to be listed on the U. S. and has the goal of acquiring $200 million […]

2019-7-31 22:17


Ôîòî:

Bitfinex Faces Legal Action From NY Attorney General: Here’s What This Means

The New York Office of the Attorney General (AG) wants to take a closer look into the business operations of Bitfinex and related stablecoin issuer Tether (USDT). According to a legal petition filed with the Supreme Court of New York, the NY Attorney General Office of Letitia James is applying for a court order to investigate Bitfinex’s suite of interrelated companies (including its umbrella firm iFinex and Tether Holdings Limited) for “ongoing fraud” to the tune of $850 million.

2019-4-27 01:30


Ôîòî:

As Court Reconvenes for QuadrigaCX, Questions Surround Empty Cold Wallets

As QuadrigaCX’s legal counsel descends on the courtroom in Halifax, Nova Scotia, for another round of legal proceedings, the court monitor’s third report on QuadrigaCX’s finances — specifically its revelation that the exchange’s cold wallets are empty — lays out some hopeful avenues for fund recovery — and some frustrating dead ends.

2019-3-5 20:20


Companies Using RippleNet and XRP May Not be as Highly Reputed as Ripple Claims

Companies that have adopted RippleNet, a global payments network may not be as large as Ripple, a U.S-based fintech and blockchain company has touted them to be, if the findings of an anonymous Twitter user with username @TrollyTrollFace Per the report, Trolly McTrollface, a user on Twitter publicized his findings after investigating many companies which […]

2019-2-1 07:49


Ôîòî:

Security Researchers Reveal Wallet Vulnerabilities On Stage at 35C3

In a demonstration titled “Wallet. fail,” a team of security researchers hacked into the Trezor One, Ledger Blue and Ledger Nano S. Unfortunately, it appears as if their findings were first put on display at the 35th Chaos Communication Congress (35C3) in Leipzig, Germany, rather than through accepted Responsible Disclosure practices, which would have allowed the manufacturers to patch the vulnerabilities and protect their customers from any potential attack.

2019-1-1 19:15