WazirX Exchange Hack: What Does a Hacker Do With Stolen Assets?

This morning, India's largest exchange WazirX was hacked - hackers stole assets worth over $234.9 million. This situation once again highlights the importance of not storing assets in exchange wallets and being careful when choosing the platform you work with.

But that's not what we're talking about - immediately after the hack, the wallet to which the fraudsters transferred the assets was leaked online.

It was quite easy to follow their next steps, so below we leave a link to the wallet, as well as show - exactly what assets were stolen and how the hackers are acting further.

WazirX Exchange Hack

Cyvers Alerts was the first to report it - having detected "multiple suspicious transactions" involving the Safe Multisig wallet on Ethereum.

According to Cyvers Alert's report, a total of $234.9 million in funds were transferred to the new address.

According to the report, a total of $234.9 million in funds were transferred to the new address. What is quite interesting - they also emphasized that the initiator of the transaction is funded by Tornado Cash.

ZachXBT, a well-known blockchain transaction researcher, has provided a detailed analysis of the recent WazirX hack. Below are the highlights and an overview of his findings:

Seed Funding via Tornado Cash

On 10 July at 15:03 UTC, wallet '0xc68' received 1 ETH from Tornado Cash.

A corresponding deposit of 1 ETH was made to wallet '0x87c0' 9 hours earlier.

Transaction Tracking

Tracing from wallet '0xc891', we can see that it was funded with two transactions of 0.36 ETH and 0.66 ETH on 8 July.

These transactions came from the exchange wallet '0xc2fdc2' and another wallet '0xa626'.

End of Tracking

Tracking ends as the BTC appears to be coming from an unknown service, making further tracking difficult.

ZachXBT notes that the hack shows potential signs of a Lazarus Group attack and calls on the WazirX team to be transparent in their actions.

The Lazarus Group is a cybercrime group that has been linked to North Korea. They are known for their sophisticated and large-scale cyber-attacks around the world.

At the moment, the Indian exchange has temporarily suspended the withdrawal of cryptocurrencies and Indian rupees on the platform.

Is the Hacker Selling Assets for ETH?

Information regarding the exchange address can be found here.

Wallet analysis with ArbitrageScanner.io

The attacker's wallet '0x04b2' is now in the spotlight. Click here for more details.

The "0x04b2" wallet has come under scrutiny as it has begun to dump these assets on the market. Specifically, the wallet has already sold 640.27 billion PEPE tokens worth approximately $7.6 million.

After analyzing the wallet, we attach below a detailed list of assets stolen by WazirX

  • 5.43 trillion SHIB ($102 million)
  • 15,298 ETH ($52.5 million)
  • 20.5 million MATIC ($11.24 million)
  • 640.27 billion PEPE ($7.6 million)
  • 5.79 million USDT
  • 135 million GALA ($3.5 million)
A detailed list of assets stolen by WazirX

So far, the attacker has unloaded all of his PEPE, GALA, RNDR, COS, OGN, and REQ, among others, and received 5,270 ETH ($18.14 million) in return. Apparently, he continues to sell assets for ETH.

WazirX Stolen Assets (18 July 08:50 UTC) from Arbitrage Scanner

Add the hacker's other wallets so you can also analyze their transactions and monitor changes in real-time.

0x35febC10112302e0d69F35F42cCe85816f8745CA 

0x90ca792206eD7Ee9bc9da0d0dF981FC5619F91Fd

Implications and Market Reaction

The scale of this asset movement is significant, raising questions about the security measures in place at WazirX and the potential market impact of such a large asset dump. The cryptocurrency community and investors are closely monitoring the situation and awaiting further updates from WazirX and other authorities involved in the investigation of this incident.

Press Contact

ArbitrageScanner

info@arbitragescanner.io