This morning, WazirX, India's largest exchange, was hacked, and the attackers stole assets worth over $234.9 million. The incident once again highlights the importance of not storing assets in exchange wallets and of choosing carefully which platform you work with.

That is not our focus here, though. Immediately after the hack, the wallet to which the fraudsters transferred the assets was leaked online.

It was quite easy to follow their next steps, so below we link to the wallet and show exactly which assets were stolen and what the hackers did next.

WazirX exchange hacked

Cyvers Alerts was the first to report it, having detected “multiple suspicious transactions” involving the Safe Multisig wallet on Ethereum.

According to the report, a total of $234.9 million in funds was transferred to the new address. Notably, the report also emphasized that the initiator of the transaction was funded via Tornado Cash.

Seed funding via Tornado Cash

On 8 July at 15:03 UTC, wallet ‘0xc68’ received 1 ETH from Tornado Cash.

A corresponding deposit of 1 ETH was made to wallet ‘0x87c0’ 9 hours earlier.

Transaction Tracking

Tracing from wallet ‘0xc891’, we can see that it was funded with two transactions of 0.36 ETH and 0.66 ETH on 8 July.

These transactions came from the exchange wallet ‘0xc2fdc2’ and another wallet ‘0xa626’.

End of tracking:

Tracking ends as the BTC appears to be coming from an unknown service, making further tracking difficult.

ZachXBT notes that the hack shows potential signs of a Lazarus Group attack and calls on the WazirX team to be transparent in their actions.

The Lazarus Group is a cybercrime group that has been linked to North Korea. They are known for their sophisticated and large-scale cyber attacks around the world. 

At the moment, the Indian exchange has temporarily suspended the withdrawal of cryptocurrencies and Indian rupees on the platform.

Is the hacker selling assets for ETH?

Wallet analysis with ArbitrageScanner.io

Attacker’s wallet “0x04b2” in the spotlight

The “0x04b2” wallet has come under scrutiny as it has begun to dump these assets on the market. Specifically, the wallet has already sold 640.27 billion PEPE tokens worth approximately $7.6 million.

After analyzing the wallet, we attach below a detailed list of the assets stolen from WazirX:

  • 5.43 trillion SHIB ($102 million)
  • 15,298 ETH ($52.5 million)
  • 20.5 million MATIC ($11.24 million)
  • 640.27 billion PEPE ($7.6 million)
  • 5.79 million USDT
  • 135 million GALA ($3.5 million)

So far, the attacker has unloaded all of his PEPE, GALA, RNDR, COS, OGN, and REQ, among others, and received 5,270 ETH ($18.14 million) in return. Apparently he continues to sell assets for ETH.

Add the hacker’s other wallets so you can also analyze their transactions and monitor changes in real time.

0x35febC10112302e0d69F35F42cCe85816f8745CA 

0x90ca792206eD7Ee9bc9da0d0dF981FC5619F91Fd
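
Monitoring these addresses comes down to decoding ERC-20 Transfer event logs and matching sender and recipient against a watchlist, for example to screen incoming deposits. The Python below is an added example, not code from this article or from ArbitrageScanner.io; the log records are shaped like `eth_getLogs` results, and the token contract, counterparty address and amounts are constructed placeholders.

```python
from collections import defaultdict
# keccak256("Transfer(address,address,uint256)"): the ERC-20 Transfer event signature
TRANSFER_TOPIC = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"
# The two addresses listed above, lower-cased so checksum casing does not affect matching
A1 = "0x35febC10112302e0d69F35F42cCe85816f8745CA".lower()
A2 = "0x90ca792206eD7Ee9bc9da0d0dF981FC5619F91Fd".lower()
WATCHLIST = {A1, A2}

def topic_to_address(topic):
    """An indexed address is left-padded to 32 bytes; keep the low 20 bytes."""
    raw = topic[2:] if topic.startswith("0x") else topic
    if len(raw) != 64 or int(raw[:24], 16) != 0:
        raise ValueError("topic is not a zero-padded address")
    return "0x" + raw[24:].lower()

def decode_transfer(log):
    """Return (token, sender, recipient, amount), or None if not an ERC-20 Transfer."""
    topics = log.get("topics", [])
    # ERC-721 reuses the signature with four topics; ERC-20 logs carry exactly three
    if len(topics) != 3 or topics[0].lower() != TRANSFER_TOPIC:
        return None
    amount = int(log["data"], 16) if log["data"] not in ("", "0x") else 0
    return (log["address"].lower(), topic_to_address(topics[1]),
            topic_to_address(topics[2]), amount)

def watchlist_hits(logs, watchlist=WATCHLIST):
    """Return transfers touching a watched address and outflow per (wallet, token)."""
    hits, outflow = [], defaultdict(int)
    for log in logs:
        decoded = decode_transfer(log)
        if decoded is None:
            continue
        token, sender, recipient, amount = decoded
        if sender in watchlist or recipient in watchlist:
            hits.append(decoded)
        if sender in watchlist:
            outflow[(sender, token)] += amount
    return hits, dict(outflow)

def _pad(addr):
    return "0x" + "0" * 24 + addr[2:]
# Constructed sample data: placeholder token contract, counterparty and amounts
TOKEN, OTHER = "0x" + "11" * 20, "0x" + "22" * 20
SAMPLE_LOGS = [
    {"address": TOKEN, "topics": [TRANSFER_TOPIC, _pad(A1), _pad(OTHER)], "data": hex(500)},
    {"address": TOKEN, "topics": [TRANSFER_TOPIC, _pad(OTHER), _pad(A2)], "data": hex(70)},
    {"address": TOKEN, "topics": [TRANSFER_TOPIC, _pad(OTHER), _pad(OTHER)], "data": hex(9)},
    {"address": TOKEN, "topics": ["0x" + "ab" * 32], "data": "0x"},  # unrelated event
]
```

Calling `watchlist_hits(SAMPLE_LOGS)` returns the two transfers that touch a listed address plus the per-token outflow total; amounts are raw token units, so divide by the token's decimals before comparing with the figures quoted in the article.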

Implications and Market Reaction

The scale of this asset movement is significant, raising questions about the security measures in place at WazirX and the potential market impact of such a large asset dump. The cryptocurrency community and investors are closely monitoring the situation and awaiting further updates from WazirX and other authorities involved in the investigation of this incident.

Are your funds at WazirX safe?

At this point, things don’t look good. Crypto and INR withdrawals are paused. It is always best to practise self-custody. It will be interesting to see how the Indian Government responds after the WazirX hack.

Stay tuned with Cryptobullsclub.com for more information.