Prominent Indian cryptocurrency exchange WazirX suspended withdrawals on Thursday following a security breach that resulted in the loss of $230 million, approximately half its reserves. The breach, which WazirX described as a “force majeure event,” involved the compromise of one of its multisig wallets.

The Mumbai-based firm revealed that the compromised wallet required six signatories for authentication, five of whom were part of the WazirX team. The security incident was attributed to a discrepancy between data displayed on Liminal’s interface and the actual transaction contents.

In a statement, WazirX said, “At WazirX, our commitment to transparency and community welfare is paramount. There was a cyber attack on one of our multisig wallets. Below are the preliminary findings to clarify the situation:”

They continued, “A cyber attack occurred in one of our multisig wallets involving a loss of funds exceeding $230 million. This wallet was operated utilizing the services of Liminal’s digital asset custody and wallet infrastructure from February 2023.” WazirX elaborated on the mechanics of the breach, noting, “The wallet had six signatories—five from our WazirX team and one from Liminal, who were responsible for transaction verifications.”

According to TechCrunch, Liminal, a wallet infrastructure provider, stated that the compromised wallet had been created outside its ecosystem. According to WazirX, during the attack, the payload was replaced, transferring control of the wallet to the attacker.

Blockchain explorer Lookchain reported that the breach involved the theft of over 200 cryptocurrencies, including:

  • 5.43 billion SHIB tokens
  • 15,200 Ethereum tokens
  • 20.5 million Matic tokens
  • 640 billion Pepe tokens
  • 5.79 million USDT
  • 135 million Gala tokens

Blockchain data indicates that the attackers are attempting to offload these assets using the decentralized exchange Uniswap. Risk management platform Elliptic suggested that the hackers have affiliation with North Korea.

The loss of $230 million is a severe blow to WazirX, which disclosed holdings of approximately $500 million in its June proof-of-reserves report. In response to the incident, CoinSwitch and CoinDCX, two other leading Indian crypto exchanges, reassured their users that their funds were secure and unaffected.

CoinDCX CEO Sumit Gupta emphasized the robustness of their wallet security, while CoinSwitch CEO Ashish Singhal advised caution during trading due to potential market volatility.

In more bad news for the financial sector, Prudential recently revised its assessment of a February cyberattack, revealing that the personal information of 2.5 million customers were stolen — a far cry from the initially reported 36,000.