North Korean hackers likely behind $235 million WazirX exploit: Elliptic

Quick Take

  • Elliptic said on-chain analysis suggests hackers affiliated with North Korea conducted today’s high-profile exploit of WazirX.
  • About $235 million in crypto was stolen from the Indian exchange, and the hackers have since begun laundering the funds.

Blockchain analytics firm Elliptic said in a report that on-chain analysis suggests hackers affiliated with North Korea conducted today’s high-profile exploit of WazirX, resulting in about $235 million in crypto being stolen.

"On-chain analysis and other information reviewed by Elliptic indicates that this hack was perpetrated by hackers affiliated with North Korea," Elliptic wrote in bold on its official blog.

"Elliptic has added the address associated with the thief to our system, ensuring that our clients will be alerted if they receive any of these funds," it added.

The hack occurred earlier today and was confirmed by the exchange via a post on social media platform X. On-chain data shows more than 200 different cryptoassets were stolen, including ~$96.7 million of Shiba Inu, ~$52.6 million in ether, ~$11 million in Polygon's MATIC and ~$7.6 million in memecoin Pepe.

Following the exploit, the stolen funds were transferred to a new address through a transaction funded by Tornado Cash. The exploiters began conducting swaps of stolen assets for ether using various decentralized services. Elliptic notes that these actions are typical of money laundering efforts and attempts to obfuscate activity, consistent with behavior demonstrated by North Korean hackers in previous incidents.

Centralized exchange deposits have also reportedly been connected to the exploiter after popular blockchain sleuth ZachXBT "submitted definitive evidence of a KYC-linked deposit address used by the exploiter to receive funds from the WazirX exploit" to fulfill an Arkham bounty requirement.

North Korean hackers are often to blame for some of the crypto industry's most high-profile exploits. They reportedly laundered nearly $148 million in cryptocurrencies through Tornado Cash in March, and have been known to infiltrate job postings and use social engineering tactics to exploit various projects.


© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.