WazirX Hacker Starts Moving Stolen Ether Anonymously Using Tornado Cash

 


Some of the $234 million allegedly stolen by an unknown entity from the WazirX exchange, in one of India's worst crypto hacks, has already been laundered. This occurred on the same day the platform released its recapture plan. It was discovered that on Monday the perpetrator moved 2,500 Ether tokens worth about $6.3 million to Tornado Cash, a service that obscures the origin of crypto assets, after attending the briefing session led by WazirX cofounder Nischal Shetty, who is based in Dubai.

In August, WazirX was hacked by an unknown group of hackers, who have remained unidentified since the heist took place in July and are reportedly moving the stolen funds around. Recent data collected by Arkham Research suggests that the hacker is using a controversial platform called Tornado Cash to commit his crimes.

The hacker, who stole more than $230 million (roughly Rs. 1,900 crore), appears to have moved some $54.5 crore worth of Ether tokens from the stolen $230 million into Tornado Cash, a cryptocurrency platform that is now sanctioned by the United States government. Using Tornado Cash, users can deposit their crypto tokens into a pool that contains various crypto tokens and then have their funds transferred to the destination wallet in the form of other cryptocurrencies.

Over the past few years, Tornado Cash has become one of the most popular tools among cybercriminals who want to leave no trail of evidence when transferring funds they have gained through illicit means. As the data from Arkham shows, the hacker used his credentials to carry out 26 transactions transferring the aforementioned amount to a Tornado Cash address.

Furthermore, Etherscan data showed that the hacker moved the funds through various Bitcoin transactions, each carried out with 100 Ethereum units. Social media users have reportedly been able to capture pictures of these details. Data tracked by Arkham shows that the attacker moved nearly $4 million worth of ether (ETH) in 16 transactions through a Tornado Cash router, some of which were obtained through the Ethereum network.

This address currently holds over $155 million worth of various tokens, the majority of it ether, which at $150 million has accumulated over the past few months. Meanwhile, WazirX recently revealed that, almost one week before the withdrawal window was supposed to open, users had begun to be able to withdraw up to 66% of their Indian rupee token balances from the exchange.

As a result of the theft of funds, over 45% of the total reserves cited by the exchange in a June 2024 report have gone missing - and the exchange has since filed for a restructuring process to move forward on clearing its liabilities to recover the money. In a statement on Monday, WazirX's legal advisers stated that it is unlikely that the company will be able to make good on its obligations in crypto terms going forward, with the best-case scenario being a refund of anywhere between 55% and 57%. 

This attack is believed to have been conducted by Lazarus, a North Korean hacking unit, as previously reported by Reuters. It has been estimated that the group laundered over $1 billion in stolen funds through this service before OFAC sanctions were imposed in 2022, according to estimates put forward by the group. Nischal Shetty, co-founder of WazirX, confirmed that the hacker hasn't been identified yet.

The Lazarus Group, a notorious hacking group that has been associated with North Korea for quite a while, has previously been alleged to have been involved in this hack. Last week, WazirX initiated its first steps toward financial restructuring in the aftermath of the recent hacking incident. As part of this effort, the cryptocurrency exchange has filed for a moratorium in a Singapore court. 

This legal action grants WazirX a reprieve, allowing it additional time to thoroughly assess its financial liabilities and reorganize its capital structure. The entire restructuring process is expected to take up to six months before it is fully completed. In the interim, WazirX has reopened withdrawals for Indian Rupees (INR) on its platform. 

The exchange is actively encouraging its users to withdraw 66 percent of their unfrozen INR balances, which have been made available for withdrawal at this stage. This measure is aimed at ensuring greater user security and providing liquidity during the ongoing restructuring phase.

India's Largest Crypto Theft: INR 2,000 Crore Stolen from WazirX Exchange Wallet

 

In a shocking incident that marks India's largest crypto theft to date, nearly ₹2,000 crore (approximately $230 million) worth of cryptocurrencies were stolen from a wallet associated with the WazirX exchange last month. This massive theft has resulted in significant financial losses for thousands of people. WazirX quickly reported the theft to the central cybercrime portal, the Financial Intelligence Unit, and the Indian Computer Emergency Response Team. 

Additionally, a police case was filed in Delhi to address the situation. Two digital forensics firms, Pelorus Technology and Crystal Intelligence, provided insights into how such a large-scale theft could occur despite the wallets being secured with multi-level authentication. 

Crystal Intelligence, a blockchain intelligence firm, employs a security tool that monitors crypto transactions in real-time, helping trace the stolen funds. After WazirX shared the identity of the compromised wallet, cyber investigators worldwide used the Crystal tool to track the money trail. 

The investigation revealed that the theft had been planned since July 10, with around 200 transactions originating from the recipient's wallets on July 18. On the day of the robbery, the stolen cryptocurrencies were quickly converted into other forms of cryptocurrency and transferred in smaller amounts to multiple wallets linked to two different exchanges. Over just a few days, around 2,000 transactions were made. Between July 18 and 22, about 95% of the stolen funds were consolidated into three wallets that currently appear unlinked to any exchange. 

"When we started investigating, we saw a parallel story. First, the wallet was compromised and from there, the thief transferred 230 million dollars to his wallet. This was in different cryptocurrencies. At the same time, when we saw its back trail, a transaction was seen funding that wallet from Tornado Cash for a few days. The dates show he (thief) had been preparing from July 10," Sanjeev Shahi, Country Manager, Crystal Intelligence reported. 

Experts believe that the thief used a Tornado Cash wallet to pay the transaction fees required for crypto transfers, which helped them conceal their identity. Tornado Cash operates like a hawala, facilitating anonymous transfers and making it difficult to trace the stolen funds.  

Further, Shahi added that the malicious group cannot use the stolen funds. "Today, even though the funds are on the blockchain, he cannot use them. To use them, he has to come to the real world and convert it into fiat. As soon as he comes to the real world, his identity will be revealed."

Crypto Exchange Platform WazirX Hit a Record High of $2 Billion in Trading Volumes

 

Cryptocurrency exchange platform WazirX has almost doubled its trading volumes since February 1st, 2021, regardless of fears of a government-imposed ban on crypto assets. According to a tweet by Nischal Shetty, founder of WazirX, India’s largest crypto exchange platform reached $2.3 billion in trading volumes on 21 February. On 21 January, exactly a month ago, volumes were at $1.4 billion, and on 20 December volumes were at $500 million.

The future of crypto trading in India looks very bleak: the government of India will be introducing a bill in parliament that will explicitly ban private cryptocurrencies such as bitcoin. The Cryptocurrency and Regulation of Official Digital Currency Bill, 2021, as named by the government, will “create a facilitative framework for the creation of the official digital currency to be issued by the Reserve Bank of India.”

However, the government didn’t define the term ‘private cryptocurrency’, but experts believed that the bill will make it illegal to buy, sell or deal in Bitcoin, Ethereum, and other cryptocurrencies in the country.

In April 2018, the Reserve Bank of India issued a notice directing all the financial institutions to cut all ties with individuals or companies trading with virtual currencies such as Bitcoin within three months. For those trading with digital currency, the commission further proposed a prison sentence of up to 10 years and substantial penalties. Two years later in 2020, the Supreme Court overturned the decision of the Reserve Bank of India and allowed banks to control exchanges and traders’ cryptocurrency transactions.

Nischal Shetty told Mint that “crypto is a global phenomenon. The moment a Tesla spends $1.5 billion, your wealth in India has increased. Most of your investments are very local, but in crypto, anyone anywhere in the world can affect your wealth. People in India have been joining based on all of this positive news that’s been coming.”