Today (Thursday), Cyvers Alert, a Web3 security firm, announced the detection of multiple suspicious transactions involving WazirX’s Safe Multisig wallet on Ethereum. The firm identified that $234.9 million in funds from the wallet were transferred to a new address.
Each transaction’s caller was funded by Tornado Cash, a decentralized protocol for private transactions. The new address has already swapped the transferred funds, which comprised Tether.
Funds Shifted Secretly
Crypto sleuth ZachXBT, in a Telegram post in the “Investigations by ZachXBT” channel, announced that the suspected primary attacker address still has over $104 million to dump. A review of the address holdings revealed the wallet mainly contains approximately $100 million in Shiba Inu.
It also holds $4.7 million in FLOKI, $3.2 million in Fantom, $2.8 million in Chainlink, and $2.3 million in Fetch.ai. The remaining funds are split between a wide range of other tokens.
In response to the security breach, WazirX has temporarily paused the withdrawal of cryptocurrencies and INR on its platform. The exchange posted on X, formerly known as Twitter, explaining that they are actively investigating the incident and will provide updates as the situation develops.
Increasing Crypto Security Breaches
Earlier, CoinStats, a crypto portfolio management platform, experienced a major security breach, as reported by Finance Magnates. This sophisticated hack involved social engineering, tricking an employee into compromising the company's AWS infrastructure, resulting in the theft of $2 million in crypto assets.
Cybercriminals exploited Orbit Bridge, a service of the cross-chain protocol Orbit Chain, stealing about $82 million in cryptocurrencies. Orbit Chain confirmed the attack occurred on December 31, 2023, and is currently investigating the issue with international law enforcement.
