India-based centralized exchange WazirX recently experienced a significant exploit that resulted in the loss of over $230 million in user assets, nearly half of its holdings. Co-founder Nischal Shetty took to social media on July 23 to inform users about the breach and reassure them that the exchange is actively seeking partnerships to restore full operations. This breach has prompted WazirX to temporarily pause trading as it works on a solution to resume platform deposits, withdrawals, and trading activities.
The security breach at WazirX involved the compromise of one of its multisig wallets, leading to the loss of various cryptocurrencies, including 5.43 billion SHIB tokens, over 15,200 Ethereum tokens, 20.5 million Matic tokens, 640 billion Pepe tokens, 5.79 million USDT, and 135 million Gala tokens. These stolen funds represent approximately 50% of WazirX’s total $500 million holdings, as reported in its June proof-of-reserves statement. The theft has made it challenging for the exchange to maintain 1:1 collateral with assets, prompting the temporary halt in trading activities.
In response to the exploit, Nischal Shetty has been actively engaged in exploring various solutions to make customers whole again. He mentioned ongoing discussions with potential partners to find a resolution that would enable the restoration of platform functionalities like deposits, withdrawals, and trading. Despite the challenges posed by the breach, Shetty remains committed to working with law enforcement to identify the perpetrators and recover the stolen funds.
While the hack did not impact WazirX’s fiat INR funds, the exchange has introduced a $23 million bounty program in an attempt to incentivize the hackers to return the stolen assets. As of now, WazirX has received over 133 entries for the bounty program and is in the process of reviewing them. However, market observers have expressed skepticism about the likelihood of the funds being returned, particularly due to the potential affiliation of the attackers with North Korea’s Lazarus Group.
WazirX has maintained that the hack was external to its product infrastructure, stating that the compromised multisig wallet was managed by third-party custody provider Liminal. However, Liminal has refuted claims that its infrastructure was compromised and instead attributed the exploit to compromised devices owned by WazirX. In light of these conflicting statements, WazirX has denied suggestions about compromised wallet hardware, emphasizing that the exploit did not involve a phishing link but rather the use of three different devices with distinct hardware wallets.
The aftermath of the exploit at WazirX serves as a stark reminder of the vulnerabilities present in the cryptocurrency ecosystem. As the exchange continues to navigate the fallout, the breach underscores the importance of robust security measures, transparent communication with users, and collaborative efforts to mitigate risks and safeguard user assets.