This is an archive article published on July 19, 2024

Cryptocurrency firm WazirX suffered a major security breach. How did it happen?

The WazirX cyberattack is not just the biggest security breach of a cryptocurrency exchange in India, but is among the top hacks in the world, too.

WazirX has temporarily halted rupee and crypto withdrawals on the platform. (Via Facebook)

WazirX, one of the country’s major cryptocurrency firms, suffered one of the biggest cyberattacks on an Indian exchange after hackers allegedly stole more than $230 million of users’ holdings, which was nearly half of the platform’s reserves. The incident highlights the security challenges that cryptocurrency exchanges face, and how they have become a target for hackers worldwide.

WazirX called the security breach a “force majeure event” which was “beyond its control”. “We have already blocked a few deposits and reached out to concerned wallets for recovery. We are in touch with the best resources to help us in this endeavour,” the company said in a statement.

The company has temporarily halted rupee and crypto withdrawals on the platform. Here is what happened.


What caused the WazirX security breach?

In its preliminary findings, WazirX said that the cyber attack stemmed from a discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents. Liminal is a separate digital asset custody and wallet infrastructure provider.

During the cyber attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. “We suspect the payload was replaced to transfer wallet control to an attacker,” WazirX said.

“A cyber attack occurred in one of our multisig wallets involving a loss of funds exceeding $230 million. This wallet was operated utilising the services of Liminal’s digital asset custody and wallet infrastructure from February 2023,” it added. A multisig (multi-signature) wallet is a cryptocurrency wallet that requires two or more private keys to sign and approve transactions.

WazirX’s wallet custody service provider Liminal Custody, however, said no breach had happened within its ecosystem.


“Our preliminary investigations show that one of the self-custody multisig smart contract wallets created outside of the Liminal ecosystem has been compromised,” it said in a statement. “We can confirm that Liminal’s platform is not breached and Liminal’s infrastructure, wallets and assets continue to remain safe.”

WazirX said its wallet had six signatories, five from its own team and one from Liminal, who were responsible for transaction verifications. A transaction typically requires approval from three of the WazirX signatories (all three of whom use Ledger Hardware Wallets for security), followed by the final approval from Liminal’s signatory.

“A policy to whitelist destination addresses was also in place to enhance security. These whitelisted addresses were earmarked and facilitated on the interface by Liminal; consequently, the WazirX team had the ability to initiate transactions to the said whitelisted addresses,” the company said.

“We had robust security features, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy. Despite us taking all necessary steps to protect the customer assets, the cyber attackers appear to have possibly breached such security features, and the theft occurred,” it added.
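The approval flow WazirX describes (three of five exchange signers, then the custodian, with whitelisted destinations) and the reported mismatch between displayed and signed data can be modelled as a check each signer runs on the payload actually sent for signing. The Python below is an added example, not code from WazirX, Liminal or Gnosis Safe; the field names, addresses and signer names are constructed placeholders.

```python
import hashlib
import json

# Constructed placeholders: addresses, signer names and field names are hypothetical.
WHITELIST = {"0xAAAA000000000000000000000000000000000001"}
EXCHANGE_SIGNERS = {"ex1", "ex2", "ex3", "ex4", "ex5"}
CUSTODIAN = "custodian"
THRESHOLD = 3  # exchange approvals required before the custodian's final one


def digest(tx):
    """Hash a canonical encoding of every field the signature commits to."""
    blob = json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


def refuse_reasons(displayed, raw_payload):
    """Signer-side check run on the payload actually sent to the signing device."""
    reasons = []
    if digest(displayed) != digest(raw_payload):
        changed = sorted(k for k in set(displayed) | set(raw_payload)
                         if displayed.get(k) != raw_payload.get(k))
        reasons.append("payload differs from interface in: " + ", ".join(changed))
    if raw_payload.get("to") not in WHITELIST:
        reasons.append("destination is not whitelisted")
    return reasons


def policy_satisfied(approvals):
    """approvals: signer names in order; the custodian must approve last."""
    if not approvals or approvals[-1] != CUSTODIAN:
        return False
    exchange = set(approvals[:-1])  # duplicates from one signer count once
    return exchange <= EXCHANGE_SIGNERS and len(exchange) >= THRESHOLD


# Constructed sample: what the interface shows vs. a swapped payload.
SHOWN = {"to": "0xAAAA000000000000000000000000000000000001",
         "operation": "transfer", "amount": 100}
SWAPPED = {"to": "0xBBBB000000000000000000000000000000000002",
           "operation": "change_owner", "amount": 0}

if __name__ == "__main__":
    print(refuse_reasons(SHOWN, SHOWN))
    print(refuse_reasons(SHOWN, SWAPPED))
    print(policy_satisfied(["ex1", "ex2", "ex3", CUSTODIAN]))
```

The approval threshold only protects funds if every signer evaluates the raw payload rather than the interface's rendering of it, which is why the comparison sits on the signer's side.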


What have been some of the biggest crypto breaches?

The WazirX cyberattack is not just the biggest security breach of a cryptocurrency exchange in India, but is among the top hacks in the world, too. 2022 was the biggest year for crypto hacks. According to blockchain data platform Chainalysis, over $3.8 billion worth of cryptocurrency was stolen from users in 2022. In 2023, the number came down to about $1.7 billion.

The biggest crypto hack so far took place in March 2022 when hackers attacked the Ronin Network. They stole about $625 million worth of Ethereum and the USDC stablecoin. In August 2021, a hacker exploited a vulnerability in Poly Network’s system, stealing over $600 million in funds, but surprisingly did not leave with the entire amount and returned most of it. In October 2022, the Binance crypto exchange suffered a major security breach, resulting in a loss equivalent to $570 million.

Soumyarendra Barik is Special Correspondent with The Indian Express and reports on the intersection of technology, policy and society. With over five years of newsroom experience, he has reported on issues of gig workers’ rights, privacy, India’s prevalent digital divide and a range of other policy interventions that impact big tech companies. He once also tailed a food delivery worker for over 12 hours to quantify the amount of money they make, and the pain they go through while doing so. In his free time, he likes to nerd about watches, Formula 1 and football.
