“Hackers are light years ahead,” Says Cyvers VP Who Found WazirX Hack

As a seasoned crypto investor with a decade of experience under my belt, I can confidently say that the WazirX hack story is a grim reminder of the risks we all take when venturing into this wild and unpredictable world of digital assets. The scale of the theft – $234.9 million or Rs 2000 crore – is enough to make even the most hardened investor sweat.


It was the morning of July 18 when WazirX crypto exchange founder Nischal Shetty received a dispatch call on WhatsApp from the Vice President of a Web3 Cyber Security Firm. The call was an alert for Shetty that hackers were fast draining wealth from a cold multi-signature wallet of his exchange.

The sum stolen was immense – approximately $234.9 Million or Rs 2000 crore – of cryptocurrencies belonging to around 4.4 million users in India. At first, Shetty found it hard to accept this information and requested verification from the security company about the hack.

The company followed up with evidence. However, by the time WazirX leadership moved to implement defensive actions, the harm had already occurred, and its effects persist: three months afterwards, hundreds of thousands of users remain apprehensive about the restoration of their frozen accounts on the platform.

Interview with Michael Pearl, Vice President of Cyvers: We spoke about the increasing cyber threats in the web3 financial sector, intriguing patterns observed among hackers and scammers, and the role of Artificial Intelligence in anticipating and preventing such incidents.

During an engaging conversation with The Crypto Times Editor, Vaibhav Jha, Pearl discloses exclusive, previously unreported details about the massive cryptocurrency heist on WazirX, the largest exchange hack in India to date.

The Crypto Times: “Hi there! Could you share with us how Cyvers identified the WazirX security breach that occurred on the morning of July 18?”

Michael said, “Hi Vaibhav, I wanted to discuss the recent incident with WazirX. Despite having a robust infrastructure designed for protection, even the most reliable security firms would have vouched for their multi-signature wallet’s safety before July 18 due to multiple custodians involved in signing and partnership with Liminal Custody as a security partner. However, on July 18, none of these safeguards proved effective.

“WazirX suffered an attack from a maliciously designed smart contract, intended solely to exploit a specific wallet address. To safeguard against such incidents, we utilize AI technology to scrutinize blockchain transactions, identify unusual activities, and analyze potentially harmful smart contracts. Our AI systems swiftly detected that a harmful smart contract had been deployed on a cold multi-signature wallet, depleting its assets. Unfortunately, at the time, we were unaware of who owned the exchange.

“To make that connection functional, it’s crucial for us to collaborate with the organization to set up not only real-time monitoring systems but also a defensive firewall. We were the pioneers in identifying the WazirX hack, and with near certainty, if we had been working together, we could have effectively prevented the hack.”

The Crypto Times: “In reviewing the WazirX hack and the security report from Cyvers, I noticed that there were 61 significant cyber attacks reported in the year 2022-23. Upon closer examination, have you observed any recurring patterns among these hackers? Do you believe these incidents could be orchestrated by a single organization or possibly state-sponsored projects?”

Michael: “Truthfully, it’s quite varied – there’s a bit of everything here. Just recently, a pair of Canadian siblings found themselves facing charges for a $20 million heist, which shows that we sometimes deal with hackers who work out of their homes, be it basements or garages.

“In discussions about major cases like WazirX and BingX, we’re not referring to petty criminals. Instead, we’re dealing with high-level actors such as state-sponsored hackers or large corporations. The WazirX case serves as an example where the Lazarus Group is a potential suspect. This isn’t a game for amateurs; it requires substantial resources, advanced technology, skilled personnel, and robust infrastructure to play.”

The Crypto Times: “Tell us about the real-time monitoring aspect of Cyvers.”

Michael: “We utilize artificial intelligence (AI) technology, boasting multiple AI systems educated on past cyber-attacks. Our AI capabilities allow for the anticipation and defense against ‘Zero Day Attacks,’ or attacks yet to occur. Additionally, we employ a transaction firewall that scrutinizes every incoming and outgoing transaction within our company, identifying harmful smart contracts and ultimately blocking them.”

The Crypto Times: “How have the targeted companies reacted in real-time during the 61 cyberattacks analyzed by Cyvers?”

Michael: “Data shows that, on average, companies take four hours to respond to cyber attacks. Despite numerous audits by various organizations, this hasn’t been sufficient. Hackers often strike at unusual times like the middle of the night, weekends, and holidays, making it challenging to detect their activities promptly. It can be aggravating when we have to inform companies about a hack, and it seems like we’re doing so more frequently these days. Seeing someone’s life savings vanish before our eyes, with no immediate solution available, is heart-wrenching. This situation with WazirX users in India is deeply unfortunate.”


2024-10-29 14:29