In the wake of a significant exploit that resulted in the loss of nearly half of its assets, India-based centralized exchange WazirX is actively seeking partnerships to restore full operations. The exchange’s co-founder, Nischal Shetty, took to social media to share the news with users, stating that they are working on a solution to help restart their services.
WazirX confirmed a security breach in one of its multisig wallets, which led to the loss of over $230 million in user assets. A range of cryptocurrencies were stolen, including popular tokens such as SHIB, Ethereum, Matic, Pepe, USDT, and Gala. These stolen funds represent approximately 50% of WazirX’s total $500 million holdings, as reported in their June proof-of-reserves document. The exchange has temporarily halted trading as a result of the hack’s impact on its ability to maintain 1:1 collaterals with assets.
Shetty mentioned ongoing efforts to find a resolution that would benefit their customers, stating that they have been in contact with potential partners to explore various solutions. He stressed that they are working on enabling platform deposits, withdrawals, and trading once again. Additionally, WazirX is actively collaborating with law enforcement to track down the culprits responsible for the hack and recover the stolen funds.
In an attempt to incentivize the hackers to return the stolen funds, WazirX has launched a $23 million bounty program. However, market observers have expressed skepticism about the likelihood of the funds being returned, especially considering the potential affiliation of the attackers with North Korea’s Lazarus Group. Despite this, the exchange continues to maintain that the hack was external to its product infrastructure.
Shetty clarified that the hack did not impact the firm’s fiat INR funds but did not specify whether INR withdrawals would be enabled. The exchange attributed the exploit to compromised devices owned by WazirX, while third-party custody provider Liminal argued that its infrastructure was not compromised. WazirX refuted suggestions of compromised wallet hardware, emphasizing that the hack did not result from a phishing link but rather involved three signatures from three different devices using different hardware wallets.
As WazirX navigates the aftermath of the security breach, the exchange is actively seeking solutions and partnerships to restore its operations fully. With efforts underway to recover the stolen funds and mitigate the impact on customers, the exchange faces significant challenges in rebuilding trust and addressing the vulnerabilities that led to the exploit. Despite the complexities involved, WazirX remains committed to finding a resolution that benefits its user base and ensures the security of its platform in the future.