In July 2024, WazirX suffered a major cyberattack in which over $230 million worth of crypto assets were siphoned from one of its multisig wallets. The attack exploited a discrepancy between the data shown in the wallet interface and the actual transaction details, allowing the attackers to gain control of the wallet!
WazirX quickly halted all withdrawals and reported the breach to Indian authorities, including the Financial Intelligence Unit and CERT-IN. They also worked with over 500 exchanges to block the attackers’ wallets and launched recovery efforts, including reaching out to the token projects involved.
Although the platform claims that the hack was a “force majeure” event—beyond its control—experts have debated whether such a clause would hold if the exchange could have reasonably mitigated the risks. Nonetheless, investors felt betrayed as their funds disappeared overnight!
As the exchange scrambles for solutions and faces court-mandated restructuring, questions loom over whether the fault lies in poor security protocols or deceptive hacker tactics. Dive into the details to uncover where WazirX went wrong.
How was WazirX hacked? [Explained]
The WazirX hack was a complex and highly sophisticated cyberattack, allowing threat actors to steal nearly $235 million by compromising a multi-signature (multisig) wallet. These types of wallets require multiple signatures to approve a transaction, adding an extra layer of security.
In this case, WazirX’s multisig wallet required four out of six signatures—three held by WazirX and one by their custodian, Liminal.
The attackers cleverly exploited a vulnerability in the way transactions were presented in the interface, tricking the signers into approving a malicious contract. The transaction appeared legitimate, but it secretly transferred control of the wallet to the hackers.
Once they had access, they drained the wallet and laundered the funds across various platforms. While some funds were blocked by services like ChangeNOW and Binance, much of the stolen crypto remains unaccounted for!
Although suspicions have been raised about the involvement of the North Korean hacker group Lazarus, there is no conclusive evidence yet.
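The account above turns on signers approving a transaction whose on-screen presentation did not match what was actually signed. As an added example (not code from WazirX, Liminal or the original article), this Python check decodes the raw payload independently of the interface and lets a signer count toward the four-of-six threshold only if it matches the displayed summary. The `{"to", "data"}` payload layout, the choice of an ERC-20 `transfer` as the displayed action, and all addresses are assumptions constructed for illustration.

```python
# Added example: constructed data, hypothetical payload layout {"to", "data"}.
ERC20_TRANSFER = "a9059cbb"  # selector of ERC-20 transfer(address,uint256)

def transfer_data(recipient, amount):
    """Build sample calldata for transfer(recipient, amount)."""
    return "0x" + ERC20_TRANSFER + recipient[2:].rjust(64, "0") + format(amount, "064x")

def decode_payload(payload):
    """Decode the raw call a signer is asked to approve, ignoring any UI text."""
    data = payload["data"].lower()
    data = data[2:] if data.startswith("0x") else data
    selector, args = data[:8], data[8:]
    decoded = {"contract": payload["to"].lower(), "selector": selector}
    if selector == ERC20_TRANSFER and len(args) == 128:
        decoded.update(kind="erc20_transfer", recipient="0x" + args[24:64],
                       amount=int(args[64:], 16))
    else:
        decoded["kind"] = "unknown"
    return decoded

def check_before_signing(displayed, payload, allowed_contracts):
    """Return every mismatch between the interface summary and the raw payload."""
    actual = decode_payload(payload)
    problems = []
    if actual["contract"] not in allowed_contracts:
        problems.append("target contract not on allowlist: " + actual["contract"])
    if actual["kind"] != "erc20_transfer":
        problems.append("not a token transfer, selector " + actual["selector"])
        return problems
    if actual["recipient"] != displayed["recipient"].lower():
        problems.append("recipient differs from the interface summary")
    if actual["amount"] != displayed["amount"]:
        problems.append("amount differs from the interface summary")
    return problems

def approvals_met(signer_checks, threshold=4):
    """Four-of-six policy: a signer counts only if their own check found nothing."""
    return sum(1 for problems in signer_checks if not problems) >= threshold

# Constructed sample values (not real addresses or transactions).
TOKEN, RECIPIENT, OTHER = "0x" + "11" * 20, "0x" + "22" * 20, "0x" + "33" * 20
DISPLAYED = {"recipient": RECIPIENT, "amount": 1000}
MATCHING = {"to": TOKEN, "data": transfer_data(RECIPIENT, 1000)}
MISMATCHED = {"to": OTHER, "data": "0x" + "deadbeef" + "00" * 64}

if __name__ == "__main__":
    for name, payload in (("matching", MATCHING), ("mismatched", MISMATCHED)):
        print(name, check_before_signing(DISPLAYED, payload, {TOKEN}))
```

The check is only useful if each signer runs it on a device and code path separate from the interface that rendered the summary.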
A brief timeline of the WazirX fiasco
- July 18, 2024: Hack Occurs
  - Hackers from the Lazarus Group, believed to be North Korean, breach WazirX’s multisig wallet and steal approximately $235 million worth of crypto assets.
- July 19-21, 2024: Initial Response
  - WazirX halts operations and notifies users about the hack.
  - The exchange begins an internal investigation and starts analyzing transaction records and server logs.
- July 22-24, 2024: Government Involvement
  - Indian authorities, including the Financial Intelligence Unit (FIU), Intelligence Bureau (IB), and CERT-In, get involved and hold meetings with WazirX executives.
  - WazirX provides server logs, transaction trails, and blockchain addresses to the authorities.
- August 2024: Public Statements and Legal Actions
  - WazirX publicly acknowledges the hack and reassures users about ongoing efforts to recover the stolen funds.
  - The company faces backlash from users and investors, leading to multiple lawsuits.
- September 2-26, 2024: Restructuring Efforts
  - WazirX partners with financial advisory firm Kroll to support its restructuring efforts.
  - A Singapore court grants WazirX a four-month moratorium to finalize its financial restructuring.
- October 2, 2024: Formation of COC Announced
  - WazirX announces the formation of a Committee of Creditors (COC) to represent creditors’ interests in the restructuring process.
  - The selection process for the COC is shared, with creditors being organized from smallest to largest claims.
- October 3-7, 2024: COC Formation Process
  - WazirX completes Phase 1, forming a Contingent Creditor Pool.
  - Creditors indicate their interest in being COC members by October 7.
- October 8, 2024: COC Selection
  - The Potential COC Member Pool is formed, and one creditor from each tranche is selected at random to form the COC of 10 creditors.
- October 9, 2024: COC Formation and First Meeting
  - The COC is officially formed.
  - The first COC meeting is scheduled within a week of formation.
- October 9, 2024: Ongoing Investigations
  - The Indian government continues its investigation into the hack, focusing on the role of Binance, which denies ownership of WazirX.
  - WazirX updates its community on the progress of the investigation and recovery efforts.
- October 9, 2024: Current Status
  - WazirX is still working with authorities and financial advisors to resolve the situation and compensate affected users.
How has the WazirX hack impacted investors?
The WazirX hack has had a significant impact on investors, leading to widespread anxiety and financial losses. After the attack on July 18, 2024, WazirX disclosed that approximately 43% of its users could potentially lose their funds, which amounts to a staggering ₹2,000 crore (around $234 million).
Many investors feel cheated, fearing they may never recover their assets!
The situation has worsened as hackers have started laundering the stolen digital assets using Tornado Cash, complicating recovery efforts. Additionally, the price of WazirX’s native token has plummeted by over 36%, reflecting investor sentiment and trust issues.
Legal experts and regulatory bodies have raised concerns about WazirX’s security practices, calling for thorough investigations.
The uncertainty around asset recovery and the management’s lack of transparency, particularly after removing a town hall video addressing investor concerns, has only deepened mistrust.
This incident serves as a stark reminder of the inherent risks in the crypto market and highlights the urgent need for improved security measures.
What is the latest update on the WazirX hack?
As of October 9, 2024, WazirX has officially formed a Committee of Creditors (COC) to represent users affected by the July hack. The COC consists of 10 users who will provide feedback on the exchange’s restructuring plan.
WazirX is working with financial advisors to recover and return 55%–57% of the stolen funds.
The Indian government continues its investigation, focusing on Binance’s role, while WazirX updates its community on recovery efforts.
Will the funds lost in the WazirX hack ever be recovered?
The recovery of funds lost in the WazirX hack remains uncertain and complex. WazirX is actively exploring various recovery options, including outreach to other exchanges and crypto projects for assistance. However, the lack of insurance for customer funds adds significant challenges!
WazirX proposed a controversial “socialized loss strategy,” which would allow users to access a portion of their funds while distributing the impact of the loss among all users, regardless of direct involvement. This plan drew criticism, as it unfairly penalized users whose assets were not stolen, and it was ultimately shelved, according to reports.
Despite ongoing investigations and community polls to gauge user feedback, many users remain in limbo, anxious about the fate of their investments!
In conclusion, the cryptocurrency landscape remains largely unregulated, raising significant concerns about its legitimacy and the potential for fraud.
Many cryptocurrencies lack intrinsic value, often relying on speculative trading to maintain their worth. Reports indicate that scams in this sector have surged, with losses exceeding $80 million just from investment frauds, highlighting how vulnerable investors can be.
Furthermore, numerous projects have been exposed as fraudulent or lacking substance, contributing to skepticism around the industry’s overall integrity. As investors navigate this volatile market, the imperative for due diligence and regulatory oversight has never been clearer!