Wirex

Wirex, also known as Wirex.app, is a cryptocurrency platform headquartered in Slovakia. The company provides services within the digital asset sector, operating as a platform for cryptocurrency-related activities. Its operational footprint and specific market reach are not detailed in the available information, though its inclusion in a coordinated attack on multiple cryptocurrency services indicates it functions within the global crypto exchange or wallet provider landscape. The platform's core business involves facilitating cryptocurrency transactions and account management for its users, aligning with industry standards for such services. No explicit information is provided regarding its precise product suite, user base size, or geographic market penetration beyond its Slovakian headquarters and its identification as a target in a significant security incident.

In November 2020, Wirex was among several cryptocurrency platforms compromised in an incident where fraudsters socially engineered employees of domain registrar GoDaddy. The attackers gained unauthorized control over domain registrations, enabling them to alter DNS records and redirect both email and web traffic. This interception allowed the malicious actors to partially compromise Wirex's infrastructure and access internal accounts. While some affected services in the broader incident detected and reverted the DNS changes swiftly, preventing direct data theft, the redirected emails were exploited to attempt password resets on third-party platforms. GoDaddy confirmed that a limited number of its employee accounts were manipulated through voice phishing, after which the compromised accounts were locked down and the company assisted affected customers, including those of Wirex, in restoring access. The tactics mirrored previous GoDaddy breaches, highlighting a persistent threat vector targeting domain management through social engineering of support staff. The incident underscores the vulnerability of domain registration processes to sophisticated phishing campaigns and the cascading risks such compromises pose to interconnected digital services. Wirex's experience reflects the broader challenge faced by cryptocurrency platforms in defending against supply-chain attacks that exploit third-party service providers. The event did not result in confirmed large-scale data exfiltration from Wirex's systems, though the attempt to leverage redirected email for credential resets indicates a clear intent for further account takeover. The response involved coordination with GoDaddy to mitigate the domain hijacking and restore legitimate control over the platform's online presence. This incident is a documented case of a security breach affecting Wirex, illustrating the operational risks inherent in the cryptocurrency sector's reliance on external infrastructure providers. No further details on Wirex's internal security posture changes or long-term impacts from this specific event are available in the provided material.