On-chain sleuths have linked the latest attack on Indian cryptocurrency exchange WazirX to North Korea-based cybercriminals, the latest in a series of coordinated attempts by groups present in the East Asian nation to bleed the growing industry.

After blockchain analytics firm Elliptic’s preliminary inquiry, which tied the $230 million exploit to North Korea, on-chain detective ZachXBT suspected the involvement of the notorious Lazarus Group.

North Korean hackers have long tormented the cryptocurrency space, stealing a whopping $2 billion over the last two years, according to analytics firm Chainalysis.

Benzinga talked to experts to understand why the industry has become a soft target for these unscrupulous players.

‘A Tool To Circumvent Financial Sanctions’

Stephanie Talamantez, a former FBI agent, and currently the Managing Director at security consultancy firm Guidepost Solutions, told Benzinga that these are nothing but financially motivated crimes that exploit the relative ease of cryptocurrency transfers. 

“These hacks enable North Korea to swiftly acquire funds while circumventing imposed restrictions and sanctions,” Talamantez stated. 

She added that the FBI has been relentlessly pursuing Lazarus Group, the syndicate believed to be behind many of the high-profile cryptocurrency hacks, but faces challenges in acting against the perpetrators due to the sanctuary provided by the North Korean government.

“These hacks are state-sponsored activities, and there have been many published reports that these hackers are recruited and trained from an early age,” the former FBI officer said. “They are believed to be part of a grand internal vision for the future of strengthening North Korea’s economy.”

These assertions are not unfounded, as even the U.S. government claims that the illegal proceeds from the thefts are used to fund North Korea’s weapons and missile program.

See Also: Bitcoin, Ethereum, Dogecoin Fall As Trump’s Presidency Odds Dip On Prediction Market: Analyst Highlights ‘Long The Dip Time’

Lack Of Regulations To Blame?

Dr. Michael Skiba, an international expert on financial crime and fraud, said the cryptocurrency industry remains at the top of Lazarus Group’s list as they see it as a low-risk, high-reward endeavor. 

Skiba, who is currently the Criminal Justice Program Director at Colorado State University Global, blamed the industry’s regulatory landscape in part for its undoing. 

“The Lazarus Group employs very sharp IT people who have a high degree of expertise in cryptocurrency, as it is very unchartered ground as far as regulation, law enforcement jurisdiction, and penalties are concerned.”

The vulnerabilities of the cryptocurrency space were acknowledged by people working within the industry as well. 

Jared Grey, CEO of Sushi Labs, linked to the decentralized exchange SushiSwap, admitted that the pseudo-anonymity, decentralized nature, and high value of cryptocurrencies have made it an attractive target for North Korean groups. 

These insights set the stage for deeper discussions at the upcoming Benzinga Future of Digital Assets event on Nov. 19.

Image Generated With DallE 3

Read Next: 

• WazirX has suffered a massive security breach, with hackers stealing cryptocurrency from the platform.
• Over $230 million in cryptos was stolen from the company’s wallets.
• The company has suspended withdrawals in rupees and cryptos.

WazirX, India’s largest cryptocurrency exchange on Thursday reported a massive security breach on its platform, which has resulted in the theft of over $230 million in cryptocurrency.

WazirX took to social media platform X to confirm the security breach and informed users that customer withdrawals from the exchange have been temporarily paused.

“A cyber-attack occurred in one of our multisig wallets involving a loss of funds exceeding $230 million. Despite us taking all necessary steps to protect the customer assets, the cyber attackers appear to have possibly breached such security features, and the theft occurred,” WazirX said in a post on X.

The breach reportedly occurred in one of the exchange’s multisig wallets, which require multiple private keys to unlock and withdraw funds.

The incident was linked to a discrepancy between the data displayed on Liminal’s digital asset custody and wallet infrastructure and the actual contents of the transaction. Liminal has been providing services to WazirX since February 2023.

WazirX has suspended all withdrawals, in both rupees and crypto on its platform.

“To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused. Thank you for your patience and understanding. We’ll keep you posted with further updates,” the company added.

“We have identified 2 more exploited smart contracts. Our team is still investigating the incident. For the time being we have opened up a secluded website to revoke all approvals. Your funds are at risk until you revoke,” WazirX added.

This security breach comes at a challenging time for WazirX, as the exchange has seen its trading volume plummet by 90% in 2023 compared to the previous year. The decline can be attributed to the Indian government’s introduction of a 30% tax on virtual currencies and a 1% deduction for every crypto transaction in 2022.

Additionally, the Enforcement Directorate (ED) has been investigating several cases under the Prevention of Money Laundering Act, 2002 (PMLA) and the Foreign Exchange Management Act, 1999 (FEMA) related to cryptocurrencies.

SEE ALSO:

Amazon Prime Day 2024 to begin on July 20 in India – everything you need to know about Amazon’s biggest sale

Sanstar IPO now open – Price band to risk factors, all you need to know

OnePlus Nord 4 vs Realme GT 6T – which mid-range phone should you buy under ₹35,000?

WESTPORT, Conn. (WTNH) — A Westport man who once served as a vice president of a cryptocurrency firm has pleaded guilty to stealing more than $4.4 million from them.

Dylan Meissner, 31, pleaded guilty to wire fraud, and faces up to 20 years in prison.

He was the vice president of finance at a cryptocurrency research firm in January 2022 when he received a $170,000 loan from the business to try to “avoid a substantial loss in certain cryptocurrency investments he had made using his personal funds,” according to an announcement from the U.S. Department of Justice.

Then, from February 2022 until he was fired in November 2022, he tried to make up for other losses by using the firm’s funds as his own. He then covered up the fraud by making false entries in business records.

In total, he took $4,461,828. He’s been ordered to pay $4,633,424.99 in restitution.

He has been released on a $100,000 bond and will be sentenced on Oct. 11