Lazarus Group Behind $44M CoinDCX Heist, Experts Find Same Exploit Pattern as WazirX
The July 19 heist on Indian crypto exchange CoinDCX, compromising $44 million, is reportedly linked to the infamous North Korean Lazarus Group.
According to cybersecurity experts from Cyvers, the incident follows the same exploit pattern as WazirX. Surprisingly, WazirX’s security breach occurred on the same date last year, resulting in a loss of $234 million through a series of suspicious transactions.
CoinDCX later confirmed the hack on its operational wallet, assuring that user funds remain unaffected.
Hackers Only Took 5 Min to Siphon Funds – Analysis
The cybersecurity team emphasised that the speed, precision, and cross-chain sophistication of this breach made it “alarming.”
The North Korean hacker group carefully planned a pre-attack setup from July 16, conducting a “test transaction” on 1 USDT.
“In just five minutes, 44 million USDT is siphoned out in rapid-fire bursts,” the analysts wrote, citing 7 separate transactions.
Hackers stole around $44.2M in USDC/USDT from one of the exchange’s operational wallets on Solana, Cyvers added.
Further, the Cyvers team stressed that the attacks on two distinct Indian crypto exchanges, WazirX and CoinDCX, “aren’t coincidences,” but “warnings.”
“If Lazarus is accelerating its focus on India’s largest exchanges, preemptive threat prevention isn’t optional,” cybersecurity experts noted. “It’s the only line of defense.”
CoinDCX Announces Recovery Bounty Program
The exchange has announced a recovery bounty program, where up to 25% of any recovered funds will be awarded to individuals or teams that help trace and retrieve the stolen crypto.
CoinDCX CEO Sumit Gupta took to X, stressing the need to identify and catch the attackers, more than recovering the stolen funds.
“Because such things shouldn’t happen again, not with us, not with anyone in the industry,” he wrote. “We will fight this and ensure that the Indian crypto community comes out of this stronger.”
Per the announcement, depending on the success of the assets recovery, the bounty could amount to as much as $11 million.
The post Lazarus Group Behind $44M CoinDCX Heist, Experts Find Same Exploit Pattern as WazirX appeared first on Cryptonews.
Read More
$44,200,000 Vanishes From Crypto Exchange After Internal Account Compromised in Server Breach
CoinDCX offers $11 million bounty after Lazarus Group-linked $44 million heist
Lazarus Group Behind $44M CoinDCX Heist, Experts Find Same Exploit Pattern as WazirX
The July 19 heist on Indian crypto exchange CoinDCX, compromising $44 million, is reportedly linked to the infamous North Korean Lazarus Group.
According to cybersecurity experts from Cyvers, the incident follows the same exploit pattern as WazirX. Surprisingly, WazirX’s security breach occurred on the same date last year, resulting in a loss of $234 million through a series of suspicious transactions.
CoinDCX later confirmed the hack on its operational wallet, assuring that user funds remain unaffected.
Hackers Only Took 5 Min to Siphon Funds – Analysis
The cybersecurity team emphasised that the speed, precision, and cross-chain sophistication of this breach made it “alarming.”
The North Korean hacker group carefully planned a pre-attack setup from July 16, conducting a “test transaction” on 1 USDT.
“In just five minutes, 44 million USDT is siphoned out in rapid-fire bursts,” the analysts wrote, citing 7 separate transactions.
Hackers stole around $44.2M in USDC/USDT from one of the exchange’s operational wallets on Solana, Cyvers added.
Further, the Cyvers team stressed that the attacks on two distinct Indian crypto exchanges, WazirX and CoinDCX, “aren’t coincidences,” but “warnings.”
“If Lazarus is accelerating its focus on India’s largest exchanges, preemptive threat prevention isn’t optional,” cybersecurity experts noted. “It’s the only line of defense.”
CoinDCX Announces Recovery Bounty Program
The exchange has announced a recovery bounty program, where up to 25% of any recovered funds will be awarded to individuals or teams that help trace and retrieve the stolen crypto.
CoinDCX CEO Sumit Gupta took to X, stressing the need to identify and catch the attackers, more than recovering the stolen funds.
“Because such things shouldn’t happen again, not with us, not with anyone in the industry,” he wrote. “We will fight this and ensure that the Indian crypto community comes out of this stronger.”
Per the announcement, depending on the success of the assets recovery, the bounty could amount to as much as $11 million.
The post Lazarus Group Behind $44M CoinDCX Heist, Experts Find Same Exploit Pattern as WazirX appeared first on Cryptonews.
Read More
$44,200,000 Vanishes From Crypto Exchange After Internal Account Compromised in Server Breach