Big Blow to Crypto as WazirX Falls Victim to $235 MM Hack

Big Blow to Crypto Industry as WazirX Falls Victim to $235 Million Hack

Mumbai-based crypto exchange WazirX has reportedly lost approximately $230 million due to a hack. The breach was identified by Lookchain, a third-party blockchain explorer, which revealed that more than 200 cryptocurrencies were stolen. These included:

• 43 billion SHIB tokens
• Over 15,200 Ethereum tokens
• 5 million MATIC tokens
• 640 billion PEPE tokens
• 79 million USDT
• 135 million GALA tokens

WazirX brands itself as ‘India Ka Bitcoin Exchange’ and primarily serves the Indian market. It is registered with the Financial Intelligence Unit (FIU) of India, enabling it to offer crypto exchange services to Indian citizens. Despite this setback, WazirX’s commitment to security and recovery efforts highlights its dedication to maintaining trust within the crypto community.

The largest intrusion on an Indian exchange occurred on the cryptocurrency platform WazirX, where hackers stole investor holdings valued at over $230 million, or about half of the firm’s total reserves. Blockchain specialists suggested that the hack may have been carried out by the cybercriminal organisation Lazarus.

Significance of the Loss to Crypto Industry

The magnitude of the theft is particularly devastating for WazirX, which had disclosed holdings of around $500 million in its June proof-of-reserves report. This hack represents nearly half of its reserves, making it one of the most significant crypto thefts in recent years according to estimates by Cyvers.

The hack on WazirX underscores the vulnerabilities within the crypto exchange ecosystem, even among well-established platforms. The significant loss of nearly half its reserves marks a major blow to the industry, emphasizing the need for enhanced security measures and robust response strategies to safeguard assets and maintain user confidence.

Mechanics of the Hack

The stolen funds, totaling $234.9 million, were moved from a Safe Multisig wallet to a new address. Each transaction was funded through Tornado Cash, a decentralized protocol on Ethereum designed for private transactions, indicating a sophisticated approach to obfuscate the trail of the stolen assets.

Liminal Custody, a crypto storage provider, clarified that the compromised wallet was a self-custody multi-signature smart contract wallet created outside its ecosystem. “Liminal’s platform remains secure, and all WazirX wallets created on our platform are protected. The malicious transactions originated outside of the Liminal platform,” the company stated.

WazirX’s Response

In response to the incident, WazirX issued a statement on its X account, describing the hack as a “force majeure event beyond our control.” WazirX has described the hack as a “force majeure event beyond our control” and is actively working to locate and recover the funds. The company is actively working to locate and recover the funds

• • Blocking certain deposits
  • Reaching out to affected wallets for recovery
  • Engaging top resources to aid in the recovery process

Reactions from the Crypto Community

This incident has raised concerns among WazirX users regarding the safety of their funds on the exchange. The hack poses a significant setback for India’s recovering crypto industry.

• Neeraj Khandelwal, co-founder of CoinDCX, expressed sympathy: “Even though WazirX is our competitor, this incident is unfortunate for the Indian web3 ecosystem.”
• Krishnendu Chatterjee, co-founder and CEO of A2ZCrypto, emphasized the need for regulatory intervention: “The Indian government should urgently regulate crypto, separating the roles of exchanges and custodians. With proper custody and insurance, such scenarios might be averted, ensuring investor protection.”
• Edul Patel, CEO of Mudrex, highlighted the importance of continuous monitoring and robust compliance frameworks to protect investors and maintain the crypto ecosystem’s integrity.