WazirX Hack Fallout: $149 Million in Altcoins Converted to Ether Amidst Rising Tether Scams

2024-07-31, 06:40

[//]:content-type-MARKDOWN-DONOT-DELETE
![](https://gimg2.gateimg.com/image/article/17224075431690791857hotspot.jpeg)
## [TL; DR]
WazirX crypto exchange lost cryptocurrencies worth over $230 after a security breach.

The WazirX exploiters converted altcoins valued at around $149 million into ETH.

There is a need for crypto investors to be aware of emerging threats such as the use of fake <a href="/pt/price/tether-usdt" target="_blank" class="blog_inner_link">Tether</a> USDT.

## Introduction 
Cyber-crimes seem to continue despite efforts many crypto firms are putting in place to prevent them. The high incidence [of cryptocurrency thefts](https://www.gate.io/blog_detail/2237 "of cryptocurrency thefts") taints the role they play in the global economy, retarding the [rate of adoption of digital assets](https://www.gate.io/learn/articles/predicting-the-next-five-years-of-cryptocurrency-2024-2029-innovations-regulations-and-market-predictions/3267 "rate of adoption of digital assets"). This analysis focuses on the WazirX hack where the exchange lost altcoins worth around $230. We will also look at security measures blockchain based firms may implement [to prevent thefts of digital assets](https://www.gate.io/learn/articles/blockchain-in_script_ion-fraud-schemes-and-how-to-prevent-them/3092 "to prevent thefts of digital assets").

## WazirX Security Breach: A Detailed Overview
On 18 July WazirX, one of the leading Indian crypto exchanges, was cyber-attacked resulting in a loss of altcoins [worth over $230 million](https://www.gate.io/learn/articles/gate-research-bitcoin-retraces-to-the-63000-support-level-wazirx-suffers-over-230-million-loss-due-to-attack/3567 "worth over $230 million"). The attackers compromised one of WarzirX’s multisig wallets. As a fact, since February 2023 the compromised wallet was managed using Liminal’s wallet infrastructure and digital asset custody. After the hack it became difficult for the crypto exchange to maintain its 1.1 collateral against other assets.

It is important to note that the compromised digital wallet had six signatories, meant to ensure that transactions were secure through multiple approvals. Earlier investigations revealed that the main cause of the wallet breach was the discrepancies that occurred between the contents of the actual transactions and the data displayed on Liminal’s interface. Also, the investigators have revealed that the attackers replaced the payload which enabled them to get control of the cryptocurrencies.

Clarifying the issue on X [WazirX said](https://x.com/WazirXIndia/status/1813981143437611440 "WazirX said"), “During the cyber-attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. We suspect the payload was replaced to transfer wallet control to an attacker.”

It is not very clear as to how the cryptocurrency security breach succeeded considering that several safety measures including the whitelisting policy and <a href="/pt/price/gnosis-gno" target="_blank" class="blog_inner_link">Gnosis</a> Safe multisig smart contract platform were in place. Regarding this [WazirX said](https://x.com/WazirXIndia/status/1813981143437611440 "WazirX said"), “Despite us taking all necessary steps to protect the customer assets, the cyber attackers appear to have possibly breached such security features, and the theft occurred.”

Nevertheless, Liminal maintains that its infrastructure and the WazirX wallet on its platform were not compromised, meaning that the attacks occurred outside its infrastructure. In the meantime, the exchange has promised to do all it can to recover some of the stolen assets and track the perpetrators. Nonetheless, it has described the cryptocurrency security breach as beyond its control. In an [X post WazirX stated](https://x.com/WazirXIndia/status/1813981143437611440 "X post WazirX stated"): “This is a force majeure event beyond our control, but we are leaving no stone unturned to locate and recover the funds. We have already blocked a few deposits and reached out to concerned wallets for recovery.”

## WarzirX’s Response: Action Against the Attackers 
Although the crypto exchange temporarily stopped deposits and trading it has taken several steps against the attackers. First, it reported the cyber-theft to a number of law enforcement agencies such as the National Cyber Crime Reporting Portal and the Financial Intelligence Unit (FIU) India and CERT-In.

It has also coordinated with various cryptocurrency exchanges to block the wallets used during the attacks. In its effort to recover some of the stolen cryptocurrencies [WazirX](https://www.gate.io/how-to-buy/wazirx-wrx "WazirX") engaged cybersecurity experts. Finally, it has offered a bounty of up to 10% of the stolen crypto assets. In an X post it explained the reward it offers to any one who may help in the recovery process of the stolen digital assets. [It stated](https://x.com/WazirXIndia/status/1813981143437611440 "It stated"), “Rewards of up to $10,000 worth of USDT will be given for actionable intelligence that leads to the freezing and recovery of the stolen funds. We are offering 10%, i.e., up to $23 Million, as White Hat Bounty.”

Read also: [WazirX Price Prediction & Forecast for 2025-2030](https://www.gate.io/price-prediction/wazirx-wrx "WazirX Price Prediction & Forecast for 2025-2030")

## Hackers’ Effort to Avoid Being Caught: Conversion of Stolen Altcoins to Ether
In what seemed to be a premeditated move the hackers converted most of the crypto loot to ETH. Based on Elliptic’s analysis the hacker stole crypto assets, consisting of <a href="/pt/price/shiba-inu-shib" target="_blank" class="blog_inner_link">Shiba Inu</a>, PEPE, Matic and Ether, worth over $235 million as the following graph shows. 
![](https://gimg2.gateimg.com/image/article/17224077931.jpg)
WarzirX’s Crypto Loss- Elliptic

As observed on <a href="/pt/price/the-graph-grt" target="_blank" class="blog_inner_link">the graph</a> several cryptocurrencies including USDT and Floki were stolen. According to [WazirX the bad actors stole over 45%](https://wazirx.com/blog/wazirx-releases-proof-of-reserves-for-june-2024/ "WazirX the bad actors stole over 45%") of its reserve assets. Lookonchain, a digital analytics firm, reports that the attackers converted most of the stolen cryptocurrencies into ETH. 
![](https://gimg2.gateimg.com/image/article/17224078242.jpg)
Source: x.com

As the image indicates, the WazirX exploiters converted the assets into 43,800 ETH worth around $149.46 million at that time. It still holds 59,097 ETH valued at $201.67 million. In addition, they deposited 7.7 million DENT in a Binance wallet that had never been used before. They resorted to altcoin to Ether conversion because of ETH’s high liquidity. Also, it is not possible to blacklist ETH since it is a decentralized token. However, such conversion did not lead to any negative <a href="/pt/price/ethereum-eth" target="_blank" class="blog_inner_link">Ethereum</a> market impact as its price remained normal during the cited period.

## Rise of Fake Tether: Exploring the Surge of Counterfeit Tether Transactions within the Asia Express region
As you note in the WarzirX’s case hackers are devising new methods of stealing digital assets. Right now, there is a new trend where some attackers are using counterfeit Tether to swindle funds from unsuspecting crypto users. With these Tether scams, mostly prevalent in the Asia Express region, the attackers create fake USDT tokens which they sell to other crypto users.

The behavior of the fake Tether is similar to that of real USDT. For example, it is easy to transfer to a USDT wallet. You can also go to the block explorer and confirm the transaction. However, if someone sends you the fake USDT it does not get into your digital wallet. The best way to prevent the Tether scam is to make transactions with the people you know. It is also wise to carry out Tether USDT transactions on crypto exchanges such as Gate.io and Coinbase.

## Cyber-security Analysis: Is there a Link between WazirX Exploit and Tether Scams
Currently, there has been no direct connection between the WazirX exploit and Tether scams. However, there are several things to note about the two. It seems that the WazirX exploiters are some of the people behind the Tether scam. This is because the wallet addresses which were used during the WazirX exploitation were also used for Tether scams. Also, the WazirX exploit and some Tether scams occurred around the same time. However, there has not been any official comment from WazirX and investigation teams on the connection between the two occurrences.

Read also: [Top 10 Crypto Scams and How to Avoid Them](https://www.gate.io/learn/articles/top-10-crypto-scams-and-how-to-avoid-them/2556 "Top 10 Crypto Scams and How to Avoid Them")

## The Future of the Cryptocurrency Sector in the Face of Security Threats
No doubt, crypto users face many threats from time to time. There are several blockchain security measures decentralized digital asset investors should take to protect their assets. First, it is important to know existing cryptocurrency regulations in the jurisdiction you operate from. For example, know how taxation laws work in your country to prevent financial liabilities that may arise from your failure to follow these regulations.

Similarly, be acquainted with crypto investor guidance to prevent unnecessary losses. For example, every investor should store most of their crypto assets in hard wallets. They should also use crypto exchanges and DeFi platforms that use two factor authentication and know-your-customers (KYC) to conduct crypto transactions. Finally, any crypto investor should diversify his/her crypto investments rather than putting all the funds in one cryptocurrency such as <a href="/pt/price/bitcoin-btc" target="_blank" class="blog_inner_link">bitcoin</a>. This is because if the price of that asset becomes volatile one may lose much money.

read also: [Frequent Scams and Theft in the Crypto Space](https://www.gate.io/learn/articles/frequent-scams-and-theft-in-the-cryptocurrency-space-how-can-ordinary-people-protect-themselves/3497 "Frequent Scams and Theft in the Crypto Space")

## How Gate.io Protects Your Funds
It is also important for crypto investors to use secure exchanges that protect their assets. Gate.io is one of the most secure crypto exchanges on the market since it institutes various blockchain security measures.

Read also: [Protecting Your Digital Assets in the Crypto Sector](https://www.gate.io/blog_detail/2460/security-measures-at-gateio-protecting-your-digital-assets-in-the-crypto-landscape "Protecting Your Digital Assets in the Crypto Sector")

Cold Storage: Gate.io stores most of the digital assets in its custody in offline wallets which are difficult to hack.

Multi-Signature Wallets: It uses multisig wallets which are very difficult to breach and steal the assets.

Two-Factor Authentication: The exchange deploys a robust and proven two factor authentication system which provides an extra layer of security to your digital assets.

Data Encryption: The sensitive data on the platform such as passwords is encrypted which makes it difficult for potential exploiters to crack.

Other security measures: In addition to the above, Gate.io complies with regulations in countries that it operates in. Also, it has transparent policies, secure data centers and regular security audits.

## Conclusion
In a recent crypto exploit WazirX lost cryptocurrencies worth over $230 million. Out of these the hackers converted altcoins valued at around  $149 million to ETH since it has high liquidity. Apart from this, around the same period there was an emergence of a new type of scam, the development and use of fake Tether USDT. To prevent some unnecessary loss of crypto assets investors should store them in cold storage and use secure exchanges such as Gate.io.

<div class="blog-details-info">
<div>Author:* Mashell C.*, Gate.io Researcher
<div class="info-tips">\*This article represents only the views of the researcher and does not constitute any investment suggestions.
<div>\*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all cases, legal action will be taken due to copyright infringement.
</div>

Partilhar

İçerik

Credit Ranking

Complete Gate Post tasks to upgrade your rank