One of the worst hacks for the crypto industry happened this morning in India: the WazirX exchange was hacked, and more than 230 million USD (approximately 2,000 crore INR) was stolen. The breach, which targeted the exchange's Safe Multisig wallet on the Ethereum network, was as complex as any professional criminal attack.
The highly professional approach to the hack further fueled speculation about the involvement of the Lazarus Group, a North Korean cybercrime cartel known for its activities in the crypto sphere.
Methodical attack execution
At least eight days before the attack, the hackers rehearsed on-chain, which shows that the criminals were well prepared. They carried out the hack by replacing the genuine multi-sig wallet with a fake one, which made the embezzlement easy.
Mudit Gupta, CISO at Polygon Labs, reckons that the cybercriminals obtained two of the four private keys outright and the last two through signature phishing, a scam in which the wallet user is presented with deceptive transactions to sign.
Lazarus Group's involvement
It is widely believed that the Lazarus Group, a North Korean cybercrime organization, is behind this attack. Considered highly technical and known for a specific large-scale modus operandi, the group has been associated with multiple breaches in the past.
In the WazirX case, signature phishing and the use of modern tactics such as upgrading multi-sig contracts stand out as features consistent with the activities of the Lazarus Group, a conclusion also reached by on-chain investigator ZachXBT. They have emphasised the growing potential of state-sponsored actors as a crypto menace.
The FBI has confirmed that the Lazarus Group was involved in the Harmony Bridge attack, in which about 100 million was withdrawn through protocol vulnerabilities. Lazarus is also held responsible for the $625 million hack on the Ronin bridge, which makes evident the group's capability and persistence in targeting the crypto business.
The size of the operation of the Lazarus Group
The Lazarus Group can be considered one of the most famous large-scale cyber heist groups, with its activities linked to funding North Korea's nuclear missile and weapons programme. In 2022 the group cashed out more than $60 million of Ether using the identity-hiding tool RAILGUN and, like others, has used tumblers such as Tornado Cash and Sinbad, which were sanctioned by the authorities, to hide its profits.