WazirX Hack Update: Will Investors Get Their Money Back?

WazirX Hack Update: On Thursday, July 18, 2024, the Indian crypto exchange WazirX experienced a devastating security breach. The attack resulted in the loss of over $230 million worth of crypto assets. Hence, the users of the crypto exchange have been concerned about their holdings and whether CEX will be able to recover the stolen funds.

WazirX Hack: What Exactly Happened?

WazirX announced via their social media platform X that one of their multisig wallets had been compromised. This wallet was secured using Liminal’s digital asset custody and wallet infrastructure, and it had been in operation since February 2023. The wallet required multiple signatories for transaction approval—three from WazirX and one from Liminal.

However, despite these security measures, the attackers exploited a discrepancy between the data displayed on Liminal’s interface and the actual transaction contents. This allowed the attackers to replace the transaction payload, thereby gaining control over the wallet.

The breach specifically targeted WazirX’s Ethereum multisig wallet, affecting both Ethereum (ETH) and ERC-20 tokens. The attackers managed to steal 15,298 ETH directly. The exploiter subsequently swapped other assets such as Shiba Inu (SHIB), Polygon (MATIC), and Pepe Coin (PEPE) tokens, amassing a total of 59,097 ETH, valued at $206.7 million at press time.

WazirX Provides Update On Hack & Takes Immediate Action

In response to the breach, WazirX swiftly paused INR and crypto withdrawals to protect remaining assets. Furthermore, they filed a police complaint and reported the incident to the Financial Intelligence Unit (FIU) and CERT-In, India’s nodal agency for responding to cyber incidents. In addition, WazirX also reached out to over 500 exchanges to block the identified addresses involved in the theft.

Moreover, many exchanges reportedly are cooperating with the investigation. WazirX’s preliminary findings and ongoing investigations point to a sophisticated cyber attack that exploited the interface and transaction verification process managed by Liminal.

Both WazirX and Liminal have engaged in a blame game, each accusing the other of lapses in security. Liminal maintains that their infrastructure was not compromised. Additionally, they accused that the breach occurred due to vulnerabilities on the exchange’s side.

Also Read: Just In: Liminal Claims No Responsibility in $230M WazirX Wallet Hack

The Recovery Efforts By WazirX

The path to recovery for the stolen funds is fraught with challenges. On-chain analytics firm Spot on Chain reported that the hacker’s Ethereum holdings have significantly increased following the liquidation of stolen assets. Notably, the hacker has used Tornado Cash, a mixing service, to obscure the origin and destination of funds. This complicates efforts to trace and recover the assets.

In another update on the hack, WazirX has stated that they are working with forensic experts and law enforcement agencies. They aim to track the stolen funds and identify the perpetrators. They have also received support from the crypto community. Hence, multiple individuals and entities offering assistance in the fund recovery process.

Despite these efforts, the nature of the cyber attack and the use of mixing services like Tornado Cash make the recovery of stolen assets a daunting task. However, the majority of the stolen funds, converted to Ethereum, still reside in the hacker’s wallet.

The embargo on these wallets by different crypto exchanges could have led to the funds remaining stagnant. This rightly offers some hope of successful recovery of funds. Nevertheless, if the WazirX hacker manages to transfer the ETH funds to Tornado Cash, chances of a recovery may become slim.

Adding another layer of complexity to the situation, the notorious North Korean hacker group Lazarus is suspected of being behind the WazirX exploit. This group has been linked to numerous high-profile cyber attacks targeting crypto exchanges and financial institutions worldwide. If Lazarus is indeed involved, it underscores the sophisticated and international nature of the threat. This could further complicate the recovery efforts.

Here’s What WazirX Investors Need To Know

For WazirX investors, the immediate concern is whether they will get their money back. Here are the key factors that will influence the outcome:

1. Tracing & Recovery Efforts:

The success of forensic investigations and collaborations with law enforcement and other exchanges will be critical. Identifying the flow of funds and freezing or recovering assets requires advanced cyber forensic techniques and international cooperation. Since, WazirX’s update on hack indicates an active participation of the forensic team, there is a high chance investors might be able to get back their money.

2. Community Support:

The involvement of the entire crypto community, including exchanges and blockchain analytics firms, can significantly enhance the chances of tracing and recovering the stolen assets. Moreover, the Indian exchange has contacted over 500 CEXs for cooperation, which could expedite recovery.

3. Legal Actions:

The outcome of legal actions taken by WazirX, including their police complaint and reports to regulatory bodies, will also play a crucial role. These actions can help in apprehending the perpetrators and potentially recovering some of the stolen funds.

4. Compensation Plans:

In the event that the stolen funds cannot be fully recovered, WazirX may need to come up with compensation plans for affected investors. This could involve leveraging insurance policies, setting up a recovery fund, or other ways to mitigate the impact on investors.

5. Use of Tornado Cash:

The notorious crypto mixer has been used by WazirX exploiters. Hence, if they are successful in transferring the stolen crypto assets to Tornado Cash, a recovery might be next to impossible. Thus, the exchange needs to freeze the exploiter wallets and recover the funds before such a mishap occurs.

6. Not An Inside Job:

Nischal Shetty, founder of WazirX, refuted claims of an insider being involved in the hack. If it were an inside job, the recovery could have been way easier. However, the involvement of a sophisticated hacker group and platforms like Tornado Cash makes it complicated.

In a post on X, he clarified, “The cyber attack stemmed from a discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents. During the cyber attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. We suspect the payload was replaced to transfer wallet control to an attacker.”

Also Read: WazirX Hack Update: Firm Working With 500 Exchanges And FIU To Recover Funds

The post WazirX Hack Update: Will Investors Get Their Money Back? appeared first on CoinGape.