<img src="https://cryptoslate.com/wp-content/uploads/2024/07/wazirx-hacker-ethereum.jpg” />
On-chain data shows that exploiter WazirX has converted most of the stolen assets from the Indian crypto platform into ethereum.
On July 18, WazirX was hacked for around $235 million worth of various digital assets, with blockchain researchers suggesting that the North Korean-backed Lazarus Group perpetrated the attack.
While the exchange quickly implemented measures to stop the theft, recovering the funds seems unlikely as the attacker actively converted the stolen assets into eth, the second-largest digital asset by market cap.
WazirX exploiter holds almost 60,000 eth.
Blockchain Analyst Lookonchain x.com/lookonchain/status/1814131536935129262″>reported that the attacker WazirX had converted the majority of the stolen assets into 43,800 eth, worth $149.46 million. This brings the total eth held by the attacker to 59,097 eth, valued at around $201.67 million.
Market observers suggested that the asset conversion was part of a sophisticated money laundering technique that also involves the use of cryptocurrency mixing services such as Tornado Cash to hide transaction traces.
Despite this, the exploiter's management still holds other relatively lesser-known digital assets worth up to $15 million. These include 1.66 billion DENT, worth $1.56 million, and 6.76 million CHR, worth $1.72 million, among others.
Meanwhile, on-chain data shows that the exploiter sent 7.7 million DENT, worth $7,300, to a new Binance deposit address. Lookonchain said:
“It is worth noting that the WazirX exploiter deposited 7.7 million DENT ($7,300) into a previously unused Binance deposit address.”
'Force Majeure'
An autopsy x.com/WazirXIndia/status/1813981143437611440?t=4L1XmUrkpbm6esav0CXilw&s=19″>report Data from the exchange showed that the affected wallet used the services of Liminal, a digital asset wallet and custody infrastructure provider.
WazirX explained that the exploit was due to discrepancies between the data in Liminal’s interface and the transaction content. He wrote:
“During the cyberattack, there was a discrepancy between the information displayed in the Liminal interface and what was actually signed. We suspect that the payload was replaced to transfer control of the wallet to an attacker.”
The exchange also described the attack as a “force majeure” event beyond its control and said it was actively working to recover the stolen funds.
Mentioned in this article
(tags to translate)eth
