Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
Bitget TraderPro program
Unlock your trading potential! Become a verified Bitget elite trader and earn 10,000 USDT to help skyrocket your profits. Join now and start your journey to success!
Overview
Introduction to Bitget copy trading and its advantages
Copy what suits you
Futures Copy Trading
Follow the world's top futures trading experts
Spot Copy Trading
Follow the world's top spot trading experts
Bot Copy Trading
Copy top bots to trade smarter
Bitget
News
WazirX $235M Hack: Indian Regulators Probe Founders Months After Exploit

WazirX $235M Hack: Indian Regulators Probe Founders Months After Exploit

CCNCCN2024/10/08 17:36
By:CCN

Key Takeaways

  • WazirX founders quizzed by Indin financial watchdogs amid growing demand from hack victims.
  • The crypto exchange’s post-hack dealing has raised questions and suspicions about insider jobs.
  • A Singapore court granted WazirX a four-month conditional mortarium.

As WazirX proceeds with its restructuring plans in Singapore, Indian financial regulators have belatedly taken notice of a $235 million hack that targeted the exchange several months ago.

Indian Agencies Meet WazirX Founders

According to local media reports ,  A team of 10 officials from India’s top financial regulatory agencies met with the founders of WazirX over the past two weeks to discuss the company’s involvement in a massive hacking incident.

The officials, representing the Financial Intelligence Unit, Intelligence Bureau, and the Indian Computer Emergency Response Team, converged on WazirX’s Mumbai office to gather information on the hack, which resulted in the loss of $235 million.

The regulators reportedly investigated server and laptop logs, transaction trails, and the blockchain addresses linked to the hacking.

You May Also Like
  • Crypto Crypto Hacks 2024: Full List of Scams, Exploits and Vulnerabilities Including Onyx Protocol, BingX, & Indodax
  • Crypto Crypto Hacks Surge to $750M in Q3 2024 Despite Fewer Attacks: CertiK Report
  • Crypto FTX Reorganization Plan Approved: Here’s When Creditors Will Be Paid

While no physical electronics were confiscated during the meeting, the officials did collect crucial data as part of their preliminary investigation. People familiar with the inquiry said the government is deeply concerned about the hack’s impact on India’s retail market.

Government agencies have contacted WazirX to better understand the company’s internal workings, including its transaction processes and liquidity management.

The hacking incident has highlighted the risks associated with the largely unregulated cryptocurrency sector. According to a person aware of the investigation, “Grey areas” in the sector’s regulatory framework allegedly contributed to the hack.

Customers who claim the exchange kept them in the dark about the hacking incident have welcomed the Indian government’s involvement in the WazirX case.

An online campaign had been calling for action against the exchange, and the authorities’ probe marks a new development in the case.

What’s Next For WazirX Hack Victims?

WazirX is currently in the middle of a restructuring process in Singapore after a court- approved conditional four-month moratorium for the exchange.

The court ordered WazirX to reveal its current funds and publicize its hacked wallets.

While the crypto exchange has promised to reimburse 55% of the user’s funds after the restructuring process, it was heavily criticized for going to Singapore for the restructuring process.

WazirX, on the other hand, claimed that since Zettai, the private company behind WazirX, is incorporated in Singapore, any legal remedy will be done via Singapore.

However, the crypto exchange’s handling of the customer’s plea made it difficult for hack victims to trust it.

Now, with the Indian government agencies involved, WazirX hack victims hope the Nischal Shetty-led business doesn’t cheat its customers.

WazirX Hacker Launder Stolen ETH

By the final week of September, hackers behind the WazirX hack had laundered nearly all of the stolen funds, just as the crypto exchange entered its restructuring process.

The laundering process began on Sept. 3, with the hacker moving batches of 5,000 Ether (ETH) to Tornado Cash, a crypto mixing service.

The hacker used a very simple two-step method to launder the funds. They first transferred 5,000 ETH to a new address and then funneled the same amount through Tornado Cash in smaller batches.

According to Arkham data, most of the stolen funds were laundered within 22 days.

Arkham charts show a sharp rise in the hacker’s ETH balance on July 18, the day of the hack, followed by a gradual decline as the funds were moved to Tornado Cash.

By Sept. 29, the wallet’s ETH balance had returned to pre-hack levels.

WazirX hacker wallet. Source: Arkham

As legal experts from the exchange assert that a full recovery is extremely unlikely, the hackers’ decision to move the stolen funds to Tornado Cash could potentially complicate matters further.

WazirX Users Might Never Recover Their Hacked Crypto

The revelation came just a week after WazirX canceled all outstanding orders on its platform and announced a restructuring plan, citing its ongoing dispute with Binance.

During the meeting, the exchange’s co-founder, Nischal Shetty, addressed the community’s concerns and provided updates on the restructuring process.

One of the most contentious issues raised was WazirX’s decision to seek restructuring in Singapore rather than India.

Panelists attributed the move to the protracted legal battle with Binance, adding that Singapore was the preferred choice due to Zettai’s presence in the country, which holds users’ crypto assets.

While addressing questions on potential chances of recovery, the legal expert on the panel noted that it’s implausible that the customers who have lost funds due to the hack will be made whole in crypto terms.

According to estimates, users who lost funds in the hack can expect to recover only 52-57% of their crypto portfolio.

To illustrate, a user who lost 100 Ether (ETH) before the hack might recover only 52-57 ETH.

While the expert offered a glimmer of hope, suggesting that the exchange might recover the US dollar value if crypto markets surge in the future, the news was a bitter pill for many users who had pinned their hopes on a full recovery.

Seeking Court Protection Amid $234 M Hack and CoinSwitch Dispute

WazirX has sought refuge in the Singapore High Court, requesting a six-month breathing room to restructure its liabilities following a $234 million hack in July.

This move came as rival exchange CoinSwitch, which claims to have $9.6 million in deposits tied up on the exchange, prepared to take legal action to recover its assets.

Credit: X.com

In a bid to stave off potential lawsuits, including CoinSwitch’s, WazirX’s parent company, Zettai Pte, filed for a moratorium, which would grant the exchange reprieve from creditor claims.

As WazirX navigates the complex web of ownership disputes with Binance and potential investor interest, the exchange is racing against time to find a “white knight” to assist with the restructuring.

With over 9,700 withdrawal-related inquiries and four legal notices pending, the pressure is mounting on WazirX to deliver a solution to its 16 million users, who have been left reeling from the devastating hack.

WazirX has also allocated $12 million in cryptocurrency tokens to cover anticipated investigation and legal costs related to the hack and subsequent proceedings.

WazirX Cancels Open Orders Amid Ongoing Issues

According to its post on X :
“Please note that all open orders currently placed on WazirX will be canceled. Any INR and crypto assets blocked in these open orders will be added to your respective balances. This step is part of our ongoing efforts to resolve the issue surrounding INR and crypto balances on the platform.”

It remains uncertain if the exchange’s cancellation of open orders was directly related to the July hack.

Despite the exchange’s claims of reliability, its native token, WazirX (WRX), has seen a dramatic decline of 97% from its all-time high of $5.88 in April 2021, according to CoinMarketCap data .

At the time of writing, the WRX had increased by 3.48% to $0.16. This uptick came after a significant 25% drop on July 19, when the price fell from $0.16 to approximately $0.12, coinciding with the timing of the hack.

WazirX Promises Full Restoration

Initially, WazirX reported it would send emails to users affected by the hack detailing the impacted trades, how much of their funds would be returned, and more.

The exchange promised to refund Tax Deducted at Source (TDS) related to the affected trades.

WazirX also noted that trades involving INR or crypto executed after 1 PM IST on July 18, 2024, will be restored.

The beleaguered exchange asserted that the decision to restore users’ balance to what they were was not made lightly. WazirX shared that it aims to protect the integrity of its platform and facilitate an equitable outcome for users following the hack.

Seemingly, this is a major shift from its previous proposal, where it aimed to share the losses with its users.

Backlash Over Socialized Losses

Before the restoration announcement , WazirX proposed a controversial “socialized losses” plan, dubbed the “55/45 approach.”

The proposal was met with significant backlash from users, as it allowed only 55% of their assets to be traded on the exchange, while the remaining 45% would be converted into Tether (USDT) or other tokens and locked on the platform.

This plan would have affected all users, not just those impacted by the recent hack.

However, given the widespread frustration seen in the polls, with users criticizing the plan as unfair and questioning the exchange’s transparency, the plan didn’t go through.

WazirX’s CEO, Nischal Shetty, clarified that the poll was meant to gather feedback, not make a binding decision.

WazirX Halts Trading, Announces Bounty of $23M

The substantial loss has compromised WazirX’s ability to maintain the crucial 1:1 collateral ratio with its assets, raising serious concerns about the sufficiency of the exchange’s reserves and its capacity to reimburse customers fully.

The exchange also decided to launch a bounty program with a total allocation of $23 million to address its recent security breach. The program is structured into two main categories:
  • Track & Freeze: This category rewards individuals who provide timely information that leads to the tracking and freezing of stolen funds.
  • White Hat Recovery: This category is designed for ethical hackers who can help in recovering the assets compromised during the breach.

The bounty program is initially set to run for three months, with the possibility of an extension depending on its success and ongoing needs. WazirX has expressed its commitment to prolonging the program if it yields positive results and further action is deemed necessary.

According to Nischal Shetty, Founder of WazirX:

“Our foremost goal is to recover the stolen funds. This bounty program is designed to tap into the expertise of the community to achieve this critical objective. We remain committed to transparency and collaboration, reinforcing our dedication to a secure and resilient digital finance ecosystem.”

North Korean Hackers Suspected in Massive WazirX Crypto Heist

Based on their on-chain analysis, Blockchain analytics firm Elliptic identified North Korean hackers as the prime suspects in the $235 million WazirX exploit on July 18.

At the time of writing, the hackers had pocketed over 45% of the exchange’s total funds and were reportedly on the run.

The hackers siphoned nearly $235 million worth of crypto assets, spanning over 200 unique tokens. This included approximately $96.7 million in Shiba Inu (SHIB), $52.6 million in Ether (ETH), $11 million in Polygon (MATIC), and $7.6 million in Pepe (PEPE).

Credit: Elliptic
The blockchain security firm noted that the thief had already converted several of these tokens into Ether using various decentralized services, frequently used by hackers to launder money.

Blockchain sleuth ZachXBT, after tracing the origins of the WazirX hack from the initial exploiter address, suggested on X that the attack bears similarities to a Lazarus Group operation.

The Lazarus Group, a notorious North Korean cybercrime syndicate, has been implicated in various high-profile cyber incidents since 2010. It ventured into targeting the cryptocurrency sector in 2017 and is believed to be responsible for several major heists, including the $600 million theft from the Ronin Bridge.

WazirX Halts Withdrawals After Massive Hack

Indian crypto exchange WazirX suspended withdrawals on July 18 following a hack that drained nearly half its reserves. The exchange blamed the incident on a “force majeure event” and actively worked to recover the stolen funds.

At WazirX, our commitment to transparency and community welfare is paramount. There was a cyber attack on one of our multisig wallets. Below are the preliminary findings to clarify the situation:

» Incident Overview: A cyber attack occurred in one of our multisig wallets…

— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 18, 2024

 

According to a threat intelligence report from blockchain research firm TRM, by June 24, 2024, hackers had stolen $1.38 billion, a significant increase from $657 million stolen by the same date the previous year.

The report also highlights that in May, the Japanese cryptocurrency exchange DMM Bitcoin was hit by the year’s largest attack, with over 4,500 BTC stolen. At the time of the theft, these bitcoins were valued at over $300 million.

Hackers Move Over $234.9M from WazirX in Suspected Crypto Heist

According to the security platform Cyvers, which flagged multiple suspicious transactions on the platform, hackers moved over $234.9 million worth of funds from WazirX to a new address. The security firm noted that transactions from crypto mixing service Tornado Cash initiated the hack, highlighting potential concerns about the source of the funds.

🚨ALERT🚨Hey @WazirXIndia , Our system has detected multiple suspicious transactions involving your Safe Multisig wallet on the #ETH network.

A total of $234.9M of your funds have been moved to a new address. Each transaction's caller is funded by @TornadoCash .

The suspicious… pic.twitter.com/4sajAwd4Hb

— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 18, 2024

Cyvers reported that the address linked to the hackers had begun converting PEPE, GALA, and USDT into Ethereum. The security firm confirmed active swapping of other assets as well. Despite their attempts to contact WazirX, Cyvers has yet to receive a response.

Cyvers also told CCN that, in the case of WazirX, it assisted in tracking the stolen funds and provided comprehensive data to aid the recovery efforts.

It confirmed:

“At this moment, we do not have further updates on the recovery of the stolen assets. Our focus remains on providing detailed and actionable intelligence to support their recovery processes.”

In his Telegram post , popular on-chain detective ZachXBT also sounded the alarm on the incident, sharing information such as the theft address.

Credit: Telegram

WazirX did not immediately respond to CCN’s request for comment.

Hackers Unload Millions in SHIB, MATIC, PEPE After WazirX Breach

The compromised wallet has been actively offloading the stolen assets , including 640.27 billion PEPE tokens, valued at approximately $7.6 million. Additionally, it transferred substantial amounts of other cryptocurrencies: 20.5 million MATIC tokens worth $11.2 million and a massive 5.4 trillion SHIB tokens valued at $102.1 million. The wallet also moved 15,298 ETH during the breach, equivalent to $52.5 million. These transfers have raised serious concerns among WazirX users about the security of their funds. Nevertheless, WazirX has reassured its users that their funds remain secure following the hack.

Credit: x/cafebit.org

According to on-chain data , the hacker held approximately $211 million in cryptocurrencies at press time, with the majority of the assets in the wallet, including $4.7 million in Floki (FLOKI), $3.2 million in Fantom (FTM), $2.8 million in Chainlink (LINK), and $2.3 million in Fetch.ai (FET).

The remaining funds were distributed among a diverse array of other tokens.

WazirX Halts Withdrawals After Security Breach

In response to the security breach, WazirX has acknowledged the incident through their Telegram announcement channel. The exchange stated that their team is actively investigating the matter.

Credit: Telegram

As a precautionary measure, WazirX has temporarily paused both Indian Rupee (INR) and crypto withdrawals to address the situation and prevent further unauthorized transactions.

Binance Clarifies Non-Ownership in WazirX’s Parent Company

In May this year, amidst regulatory changes, Binance confirmed it had been entangled in internal disputes with WazirX since 2022. WazirX was perceived as Binance’s local arm after allegations surfaced that Binance controlled the WRX token.

Following a prolonged public disagreement, former Binance CEO Changpeng Zhao clarified that Binance does not hold any shares in Zanmai Labs, the parent company of WazirX.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

Trending news

More
1

Self-custodial wallet SafePal to launch Telegram crypto wallet supporting Visa cards

2

Forbes: Tesla, AMD and Nvidia stocks all had higher volatility than Bitcoin in October

Crypto prices

More
Bitcoin
Bitcoin
BTC
$69,580.88
+0.32%
Ethereum
Ethereum
ETH
$2,500.97
-0.01%
Tether USDt
Tether USDt
USDT
$0.9996
+0.06%
BNB
BNB
BNB
$575.8
-0.19%
Solana
Solana
SOL
$166.66
+0.40%
USDC
USDC
USDC
$1
+0.01%
XRP
XRP
XRP
$0.5127
-1.57%
Dogecoin
Dogecoin
DOGE
$0.1603
+1.10%
TRON
TRON
TRX
$0.1675
+0.27%
Cardano
Cardano
ADA
$0.3569
+3.08%
Bitget pre-market
Buy or sell coins before they are listed, including PGC, MAJOR, OGC, MEMEFI, and more.
Trade now
Become a trader now?A welcome pack worth 6200 USDT for new Bitgetters!
Sign up now
Trade smarter
Trade smarter
Download app
Company
About Bitget Contact us Community Careers Ambassador Messi Turkish Elite Athletes Partnership Blockchain4Youth Blockchain4Her Media Kit Bitget Academy Bitget Blog Announcement Center Proof of Reserves Protection Fund Bitget Token Friendship Links Sitemap
Products
Buy crypto Spot Futures Margin Bots Earn APIs Web3 Wallet Fiat OTC
Copy
Spot Copy Trading Futures Copy Trading Bot Copy Trading TraderPro
Tools
Telegram Apps Center Crypto Directory Crypto Wiki Crypto Widgets Events Calendar ICO Calendar Crypto glossary Profit calculator Airdrop Library
Buy crypto
Crypto categories Calculator Buy Bitcoin Buy ETH Buy DOGE Buy XRP Buy BGB Buy SHIB Crypto prices Bitcoin price Ethereum price BRC-20 price
Services
Submit Feedback Help Center Verify Official Channels VIP Services Affiliate Program Institutional Services Asset Custody Download Data Promotions Referral Program Fee schedule Tax filing API
Legal & Disclosures
Law Enforcement Request Regulatory request Regulatory License AML/CFT Policies Privacy Policy Terms of Use Legal Statement Risk Disclosure ST Rules
Trade smarter
Download app
© 2024 Bitget
Privacy·Terms·Risk