North Korea likely behind takedown of Indian crypto exchange WazirX

Indian cryptocurrency exchange WazirX has disclosed the loss of virtual assets worth over $230 million due to a cyberattack that has been linked to North Korea. In a statement shared late Thursday on its Xeet platform, WazirX reported that the attack targeted one of its multi-signature wallets—a type of digital asset storage that provides enhanced security by requiring multiple private keys to authorize transactions.
WazirX’s transaction verification process mandates approvals from multiple parties. The compromised wallet had six signatories, including five from WazirX’s team and one from Liminal. Most transactions on the platform required authorization from three of WazirX’s signatories, with final approval from Liminal’s signatory.
According to WazirX, the attackers exploited a discrepancy between Liminal’s interface and the underlying transaction data. This vulnerability enabled the attacker to gain control of the wallet, bypassing the multi-signature security protocol.
Upon discovering the breach, WazirX immediately halted all cryptocurrency withdrawals. The exchange stated that it had already blocked certain deposits and contacted the affected wallet owners to assist in recovery efforts.
WazirX has categorized the incident as a “force majeure” event—a term typically used to describe unavoidable disasters such as natural calamities or wars. Despite taking all necessary precautions to safeguard customer assets, it appears the cyber attackers successfully bypassed these security measures, resulting in the theft, the exchange stated. WazirX emphasized that it is leaving no stone unturned to locate and recover the stolen funds.