WazirX Hack Update: Founder Reveals Details On Fund Recovery, Withdrawals

As a seasoned researcher with extensive experience in the field of cybersecurity and cryptocurrency exchanges, I have closely followed the recent developments at WazirX following the devastating $230 million hack. The incident has raised significant concerns among investors and industry experts alike, and I’ve been monitoring the situation closely to gain a deeper understanding of the events unfolding.


Following the substantial hack that led to the theft of approximately $230 million from Indian cryptocurrency exchange WazirX, founder Nischal Shetty has responded to pressing inquiries. He provided insights into the ongoing recovery process and the planned resumption of withdrawals. The hack, perpetrated through a third-party custodian named Liminal, impacted the digital assets of WazirX users, but left their INR funds untouched.

WazirX Founder On Fund Recovery & Withdrawals After $230M Hack

In a sequence of updates on X, Shetty offered comforting words and detailed the plans the exchange is implementing to mitigate the consequences. He mentioned that “potential solutions have arisen for us to consider in our efforts towards recuperation.” Shetty further disclosed:

“Given that it will take longer for the recovery process, we acknowledge your eagerness to access the platform for withdrawals, deposits, or trading. To make an informed decision regarding the platform’s opening, we plan to conduct a survey among our customers. Our team is currently developing the poll functionality so that everyone can have their say.”

I want to clarify that while we experienced a significant hacking incident, the security of our WazirX product platform and infrastructure remains uncompromised. To add some reassurance, INR funds were not affected by this cyber attack. The attack occurred during the process of working with our custody provider, Liminal, but our product platform and infrastructure itself was not breached.

Since the security breach, the WazirX team has been actively working to recover the stolen funds. They’ve shared, “We have received 133 submissions for our Bounty Program and are currently assessing them. Come aboard and collaborate with us in strengthening the crypto community. A reward of $23 million awaits for effective solutions that result in a resolution.”

WazirX, the cryptocurrency exchange, has introduced two initiatives for individuals conducting on-chain investigations. One is called the “track and freeze bounty,” which awards up to $10,000 in Tether (USDT) for valuable information leading to the freezing of stolen funds. Another initiative is named the “white hat recovery bounty,” which grants ethical hackers a reward of up to 10% of the recovered amount.

Developments After The Cyber Attack

New information indicates that the hacker has moved $57 million of the stolen funds to two new wallets. According to PeckShield’s analysis, approximately 16,350 Ether (ETH), worth over $57 million, was transferred to these newly created wallets. The larger portion of this amount, around $52 million, was deposited into the address “0x58d.”

The attack targeted WazirX’s multi-signature wallet, managed through Gnosis Safe, which held Ethereum (ETH) and ERC-20 tokens. The wallet required approval from six different entities for transactions: five were representatives of WazirX, while one belonged to Liminal. According to the WazirX team’s statement, three signatures from WazirX were used, each originating from a distinct device and a separate hardware wallet. These devices were situated in various locations, and their links were saved as bookmarks.

To shed light on the ongoing investigation, WazirX has brought in an external forensic team for a comprehensive examination. Their expertise will help ascertain if any or all of the three devices from WazirX were breached. However, as we lack proficiency in this field, hiring an external forensic team is essential to conduct this thorough audit and provide us with valuable insights regarding the origin of the three signatures on the malicious payload.

The WazirX team disclosed that they are actively collaborating with over 500 cryptocurrency exchanges to recover the stolen funds following the hack. Moreover, they have reached out to India’s Financial Intelligence Unit (FIU) for assistance in tracing the missing funds. However, it appears that the attacker has predominantly converted the funds into Ethereum. There are concerns that this Ethereum may be laundered through Tornado Cash.


2024-07-24 15:56