WazirX Exchange Hack: What Does a Hacker Do With Stolen Assets?
This morning, India's largest exchange WazirX was hacked - hackers stole assets worth over $234.9 million. This situation once again highlights the importance of not storing assets in exchange wallets and being careful when choosing the platform you work with.
But that's not what we're talking about - immediately after the hack, the wallet to which the fraudsters transferred the assets was leaked online.
It was quite easy to follow their next steps, so below we leave a link to the wallet, as well as show - exactly what assets were stolen and how the hackers are acting further.
WazirX Exchange Hack
Cyvers Alerts was the first to report it - having detected "multiple suspicious transactions" involving the Safe Multisig wallet on Ethereum.
According to the report, a total of $234.9 million in funds were transferred to the new address. What is quite interesting - they also emphasized that the initiator of the transaction is funded by Tornado Cash.
ZachXBT, a well-known blockchain transaction researcher, has provided a detailed analysis of the recent WazirX hack. Below are the highlights and an overview of his findings:
Seed Funding via Tornado Cash
On 10 July at 15:03 UTC, wallet '0xc68' received 1 ETH from Tornado Cash.
A corresponding deposit of 1 ETH was made to wallet '0x87c0' 9 hours earlier.
Transaction Tracking
Tracing from wallet '0xc891', we can see that it was funded with two transactions of 0.36 ETH and 0.66 ETH on 8 July.
These transactions came from the exchange wallet '0xc2fdc2' and another wallet '0xa626'.
End of Tracking
Tracking ends as the BTC appears to be coming from an unknown service, making further tracking difficult.
ZachXBT notes that the hack shows potential signs of a Lazarus Group attack and calls on the WazirX team to be transparent in their actions.
The Lazarus Group is a cybercrime group that has been linked to North Korea. They are known for their sophisticated and large-scale cyber-attacks around the world.
At the moment, the Indian exchange has temporarily suspended the withdrawal of cryptocurrencies and Indian rupees on the platform.
Is the Hacker Selling Assets for ETH?
Information regarding the exchange address can be found here.
The attacker's wallet '0x04b2' is now in the spotlight. Click here for more details.
The "0x04b2" wallet has come under scrutiny as it has begun to dump these assets on the market. Specifically, the wallet has already sold 640.27 billion PEPE tokens worth approximately $7.6 million.
After analyzing the wallet, we attach below a detailed list of assets stolen by WazirX
- 5.43 trillion SHIB ($102 million)
- 15,298 ETH ($52.5 million)
- 20.5 million MATIC ($11.24 million)
- 640.27 billion PEPE ($7.6 million)
- 5.79 million USDT
- 135 million GALA ($3.5 million)
So far, the attacker has unloaded all of his PEPE, GALA, RNDR, COS, OGN, and REQ, among others, and received 5,270 ETH ($18.14 million) in return. Apparently, he continues to sell assets for ETH.
Add the hacker's other wallets so you can also analyze their transactions and monitor changes in real-time.
→ 0x35febC10112302e0d69F35F42cCe85816f8745CA
→ 0x90ca792206eD7Ee9bc9da0d0dF981FC5619F91Fd
Implications and Market Reaction
The scale of this asset movement is significant, raising questions about the security measures in place at WazirX and the potential market impact of such a large asset dump. The cryptocurrency community and investors are closely monitoring the situation and awaiting further updates from WazirX and other authorities involved in the investigation of this incident.
Press Contact
ArbitrageScanner