WazirX hack
About $230M+ was stolen from India's largest crypto exchange, WazirX, in July 2024 after attackers compromised a multisignature wallet and altered its logic. Blockchain analysts attributed the theft to North Korea's Lazarus Group.
Also known as: WazirX, WazirX hack
Summary
On July 18, 2024, WazirX — then India's largest cryptocurrency exchange — lost an estimated $230–235 million from one of its multisignature wallets, including large amounts of Shiba Inu, Ether, Polygon, and Pepe tokens. [1][2]
Cause and attribution
Analysts reported the attackers, after seeding the attack days earlier, induced WazirX signers to approve a transaction that altered the smart contract governing the multisig, giving the attackers full control to drain it. Blockchain-analytics firm Elliptic and others attributed the hack to the Lazarus Group based on on-chain and laundering patterns. WazirX, which used third-party custody from Liminal, and Liminal each disputed where the compromise originated; the loss forced a restructuring and froze customer withdrawals. [1][2][3]
Bracketed numbers refer to the numbered sources listed below.
People & entities involved
Sources (3)
See also
- Loci (LOCIcoin)TokensA 2017–2018 ICO for 'LOCIcoin' tied to the InnVenn IP-search platform. The SEC charged Loci and CEO John Wise with fraud for raising $7.6M on false claims about revenue, headcount, and user base; Wise also misused investor funds. Settled with a $7.6M penalty and an officer/director bar.
- Blockchain Terminal (BCT)TokensA 2017–2018 ICO (BCT tokens, ~$30M) for a 'Blockchain Terminal' — a Bloomberg-style crypto trading terminal. The SEC and DOJ said convicted ex-hedge-funder Boaz Manor secretly ran it under a fake identity ('Shaun MacDonald'), using associate Edith Pardo as a front, and lied about the product's adoption.
- Crowd Machine (CMCT)Tokens
This page was last updated on Jun 8, 2026. View revision history.