Release: 2024/08/02 15:24
On July 18, WazirX, a Leading Indian Cryptocurrency Exchange, Suffered a Massive Cyberattack
On July 18, WazirX, one of India's prominent cryptocurrency exchanges, experienced a devastating cyberattack, resulting in the loss of approximately $234.9 million (Rs 2000 crore) in investor funds.
The Aftermath: Shock, Anger, and Investigation
The attack has left thousands of WazirX users in shock, exasperation, and trepidation regarding their investments. Numerous investigative agencies, including the FBI, and crypto sleuths have launched inquiries into the incident, but no significant progress has been made. The subsequent events have been characterized by evasiveness from the platform's owners amidst growing anxiety within India's crypto community.
What Transpired on July 18?
On July 18, cybersecurity firm Cyvers Alerts reported a substantial breach in WazirX's multi-sig wallet, with unauthorized transactions transferring funds worth $234.9 million to another wallet on the Ethereum network. The stolen assets constituted a significant portion of WazirX's investor funds, as indicated in their June 2024 proof of reserve report, which valued total holdings at $503.64 million. Subsequently, WazirX's official Twitter account confirmed the hack and suspended all withdrawals from its platform.
The Extent of WazirX's Loss
Blockchain explorer Lookonchain provided detailed information on the stolen assets, which included over 200 distinct cryptocurrencies. Notably, the attack involved 5.43 billion SHIB tokens, over 15,200 Ethereum tokens, 20.5 million Matic tokens, 640 billion Pepe tokens, 5.79 million USDT, and 135 million Gala tokens. The substantial volume of stolen assets has impacted the market value of these cryptocurrencies and WazirX's overall industry standing.
Possible Causes of the Security Breach
Potential explanations for the security breach include vulnerabilities, insufficient security protocols, weak API security, inadequate monitoring and response systems, or outdated software. Given WazirX's stature as one of India's major exchanges, these concerns are both surprising and alarming, raising questions about the overall robustness of its security measures and its preparedness for such an attack.
Lazarus Group's Suspected Involvement
Some security experts have implicated the Lazarus Group, a notorious North Korean hacking collective, as a potential culprit. This group has been linked to several high-profile cryptocurrency attacks in recent years. In June 2023, for example, the Lazarus Group targeted Atomic Wallet, stealing over $35 million worth of cryptocurrency. They employed sophisticated techniques, such as phishing attacks to obtain private keys and cryptocurrency mixers to launder stolen funds. The group's history of targeting exchanges and wallets to finance North Korea's regime raises concerns that they may also be responsible for the WazirX attack.
Blockchain evidence suggests that the stolen assets are being sold on the decentralized exchange Uniswap. Risk management firm Elliptic has established links between the hackers and the Lazarus Group, bolstering the suspicion that this attack was orchestrated by a highly skilled and well-resourced hacking organization.
Insider Attack Speculation
There is also speculation about an insider's involvement in the hack. An insider with privileged access to sensitive data or systems could have enabled the breach or played some other role in it. Inadequate segregation of duties and privileges within the exchange may have allowed access to be abused for malicious purposes. Moreover, phishing attacks and other social engineering tactics could have contributed to the breach.
WazirX's Response: Controversial "55/45" Compensation Plan
WazirX's immediate suspension of withdrawals left many customers stranded, unable to access their funds during the critical recovery period.
The compensation plan offered by WazirX has been met with criticism. The exchange proposed a "55/45" loss-sharing ratio for users. Under this arrangement, users with 100% of their tokens in the "not stolen" category would receive 55% of those tokens back, while the remaining 45% would be converted to USDT-equivalent tokens and locked. WazirX co-founder Nischal Shetty claimed that this approach aimed to distribute the loss impact fairly, but it has been poorly received by customers.
Many customers have demanded a CBI investigation against WazirX owners and sought clarification on various aspects of the breach, including the attack details, external security audits, asset management, trading suspension, insurance, and the timetable for resuming withdrawals.
Eroding Trust: WazirX's True Loss
Over two weeks have passed since the attack, but the exchange has failed to provide a comprehensive and satisfactory response, further fueling customer outrage. The exchange's handling of the situation has been criticized, and questions remain about whether the compensation plan adequately addresses the needs of affected users. WazirX has acknowledged the criticism and expressed openness to feedback and exploring alternative resolution measures.
As time goes on, WazirX is likely to lose more customers if it cannot develop a concrete compensation plan.
Lessons for Other Indian Exchanges
Following the hack, prominent Indian crypto exchanges like CoinSwitch and CoinDCX have reassured their customers about the security of their funds. CoinDCX CEO Sumit Gupta emphasized the robustness of their wallet security, while CoinSwitch's Ashish Singhal advised investors to exercise caution during this volatile period. These exchanges have taken proactive steps to ensure the security of their systems and the protection of customer assets in cold wallets.
WazirX has faced various challenges in recent years, including a significant fallout with Binance in early 2023. The exchange's separation from Binance, after a dispute over ownership, has further complicated its situation.
Conclusion
The WazirX hack serves as a sobering reminder of the vulnerabilities that even major crypto exchanges can face. It underscores the need for enhanced security measures, clear communication, and robust incident response plans. Despite the current difficulties, there is still hope that WazirX can recover from this incident. The exchange's commitment to transparency, user support, and recovery efforts will be crucial in determining how well it can rebuild trust and continue operations.