WazirX reports security breach of crypto exchange, $230 million stolen
Take action: When your crypto exchange is hacked and money is stolen IT IS NOT a "force majure event". There is no "power of nature" involved in a bug, a crime or a security flaw. It's sad that the company tries to avoid liability in the most shameless way possible.
Learn More
WazirX, an Indian cryptocurrency exchange, halted withdrawals on Thursday 18th of July 2024 following a significant security breach they described as a "force majeure event." (?).
The breach resulted in the loss of $230 million, nearly half of the exchange's reserves. The Mumbai-based company reported that the incident involved one of its multisig wallets, which requires multiple private keys for authentication. The compromised wallet had six signatories, five of whom were part of the WazirX team.
According to WazirX, the breach was due to a discrepancy between the data displayed on Liminal’s interface and the actual transaction contents. Liminal, a wallet infrastructure firm, clarified that the affected wallet was created outside its ecosystem. During the cyber attack, the mismatch in information led to the transfer of wallet control to the attacker.
The breach resulted in the theft of over 200 different cryptocurrencies, including:
- 5.43 billion SHIB tokens
- Over 15,200 Ethereum tokens
- 20.5 million Matic tokens
- 640 billion Pepe tokens
- 5.79 million USDT
- 135 million Gala tokens
Blockchain explorer Lookchain reported these stolen assets, and it appears the attackers are attempting to liquidate the assets using the decentralized exchange Uniswap. Risk-management platform Elliptic has linked the hackers to North Korea.
The loss is massive for WazirX, which reported holdings of approximately $500 million in its June proof-of-reserves disclosure. Other Indian crypto exchanges, CoinSwitch and CoinDCX, assured their customers that their funds remain secure and unaffected.
WazirX states they are actively working to locate and recover the stolen funds, having already blocked some deposits and contacted concerned wallets for recovery. The exchange is leveraging the best resources available to aid in this effort.
Update - as of 21st of July 2024, WazirX, has "temporarily" halted all trading activities following the security breach. The Mumbai-based exchange announced the suspension on Twitter, citing the cyber attack's substantial impact on its ability to maintain a critical 1:1 collateral ratio with assets. This incident has raised serious concerns about WazirX's reserve adequacy and its capacity to fully reimburse customers.
As of 2nd of September 2024, WazirX reported that 43% of customer funds lost in the cyberattack are unlikely to be recovered and is undergoing a restructuring process expected to take up to six months, while also seeking a potential investor and exploring partnerships to stabilize its operations.
