Cyvers crypto exchange, one of India’s leading centralised crypto platforms, lost almost half its assets following a major security breach on. The breach involved Cyvers’ Safe Multisig wallet on the Ethereum network, leading to the loss of $235 million in various cryptocurrencies.
“We’re aware that one of our multisig wallets has experienced a security breach,” Cyvers’ X account announced in a post at 8:48 am London time. “Our team is actively investigating the incident.”
Blockchain security firm Cyvers was among the first to spot the hack, alerting the exchange to multiple suspicious transactions involving its Safe Multisig wallet on the Ethereum network.
According to Cyvers, a total of $234.9 million worth of funds were moved to a new address, with each transaction’s caller funded by Tornado Cash, a service often used to obfuscate the origins of cryptocurrency transactions. The suspicious transactions began moving funds out of one of Cyvers’ Ethereum wallets at around 6:19 am, and in just over an hour, nearly $235 million in assets had been drained.
Among the stolen assets were over $102 million worth of Shiba Inu, a popular dog-themed meme coin, $53 million worth of Ether (ETH), and $11 million worth of Polygon’s MATIC token, along with smaller amounts of more than a dozen other tokens. On-chain records show that the hacker is already selling portions of the stolen crypto.
Cyvers’ proof of reserves report from June indicated that the exchange held $503 million worth of assets. The $235 million loss represents a staggering 46% of its total assets. In response to the breach, Cyvers has suspended both cash and cryptocurrency withdrawals.
Cyvers Crypto Exchange: The Mechanics of the Hack
Advertisement Banner
The hack adds to the $684.3 million already stolen in similar incidents in 2024, as reported by credible sources. While the total amount stolen in such hacks dropped 56% between 2022 and 2023, security experts have cautioned that cybercriminals will likely return with the bull market.
According to reports, Cyvers used a Safe multisignature wallet, or multisig, to hold its users’ crypto. These wallets are typically considered more secure than regular wallets as they require multiple people to sign off on each transaction. However, the hacker found a way to circumvent this security measure. “It seems that the signers of the affected account signed a transaction that changed the implementation contract address in the proxy,” explained Mikhail Mikheev, a software developer at Safe, in a group on the messaging app Telegram.
In simpler terms, after gaining access to Cyvers’ systems, the hacker upgraded the code governing the wallet to bypass its security features. “To our knowledge, no other Safes are affected,” Mikheev added. “We’re currently cooperating with Cyvers to investigate the issue further.”
The Cyvers hack is not the first such incident in recent months. According to news sources, in May, the Japanese exchange DMM Bitcoin suffered an ‘unauthorised leak’ of more than $300 million. Pseudonymous on-chain sleuth ZachXBT suggested that North Korea’s Lazarus Group might be behind the DMM Bitcoin hack due to “similarities in laundering techniques and off-chain indicators.”
Ari Redbord, the global head of policy at TRM Labs, a blockchain intelligence company, said the attack bore “the hallmarks of a prototypical [North Korean] hack.” It is not yet known whether Lazarus Group is also behind the Cyvers hack.
The breach at Cyvers highlights the ongoing challenges and vulnerabilities in the cryptocurrency space, even as exchanges implement sophisticated security measures like multisig wallets. The incident underscores the need for continuous vigilance and advanced security protocols to protect digital assets in an increasingly targeted industry.
For more updates and stories, stay connected with The BIT Journal, your trusted source for the latest in blockchain and cryptocurrency news.
The price predictions and financial analysis presented on this website are for informational purposes only and do not constitute financial, investment, or trading advice. While we strive to provide accurate and up-to-date information, the volatile nature of cryptocurrency markets means that prices can fluctuate significantly and unpredictably.
You should conduct your own research and consult with a qualified financial advisor before making any investment decisions. The Bit Journal does not guarantee the accuracy, completeness, or reliability of any information provided in the price predictions, and we will not be held liable for any losses incurred as a result of relying on this information.
Investing in cryptocurrencies carries risks, including the risk of significant losses. Always invest responsibly and within your means.
