Photo credit: jcomp/Freepik

Indian crypto exchange WazirX was hacked on July 18, with the perpetrators initially transferring approximately $234.9 million in funds to a different address.

On-chain security firm Cyvers first flagged the incident, reporting that it detected “multiple suspicious transactions” on the exchange’s Safe Multisig wallet on Ethereum. The funds then have since been moved to a different address, with each transaction’s caller funded by Tornado Cash.

The address has already converted Pepe (PEPE), Gala (GALA), and Tether (USDT) into Ether (ETH) and is actively converting other cryptocurrencies as well, Cyvers said.

WazirX confirmed the exploit, stating that it was “actively investigating the incident” and would share updates as the situation unravels. The exchange has also paused the Indian rupee and crypto withdrawals temporarily to ensure the safety of user assets.

Meanwhile, blockchain investigator ZachXBT said on Telegram that the hacker still has more than $100 million worth of Shiba Inu (SHIB) and over $4.7 million Floki Inu (FLOKI) to sell.

According to on-chain data, the exploited WazirX wallet primarily contained approximately $100 million worth of SHIB, $52 million of ETH, and $11 million of Polygon (MATIC). Smaller amounts of other crypto assets were also present, including $4.7 million of FLOKI, $3.2 million of Fantom (FTM), $2.8 million of Chainlink (LINK), and $2.3 million of Fetch.ai (FET), with the remaining funds spread across a wide variety of other tokens.

Blockchain analytics firm Elliptic claims North Korean hackers were behind the hack.

“On-chain analysis and other information reviewed by Elliptic indicates that this hack was perpetrated by hackers affiliated with North Korea,” Elliptic wrote in a blog post, adding that it has added the address associated with the perpetrator to its system for future alerts.

The crypto industry experienced a sharp rise in losses during the second quarter of 2024, reaching over $572 million. This increase was mainly fueled by a 155% surge in hacking incidents compared to the previous quarter. Despite this, losses due to fraudulent activities saw a significant 81% decrease compared to the same period in 2023.

July 18, 3:25 p.m. GST update: The story was updated to include Elliptic's claims that North Korean hackers were behind the attack.