The WazirX hack is a hot topic in India as far as cryptocurrencies go. The exchange was once loved by the masses, and it provided an easy-to-use interface that was sophisticated enough for both beginners and professionals. However, when the exchange’s wallet was drained of over 230 million dollars (around ₹2,000 crores) on July 18, 2024, in a hack attributed to the North Korean Lazarus Group, it highlighted the vulnerabilities in the system and created panic at an unprecedented level.
Though the founders and the team made an effort to prioritize communication and take action, there were a lot of questions that might have gone unanswered. In this blog post, we want to walk you through the incident, the key takeaways from it, and the steps everyone needs to take in order to stay safe in this sector.
What Happened?
As per the primary investigation by the exchange, the incident stemmed from a mismatch between the data displayed on the Liminal interface and the actual transaction contents. Simply put, the attackers exploited a vulnerability. Recently, there have been updates about the hacker group responsible for it.
The WazirX hack involved sophisticated exploitation of the exchange’s multi-signature (multi-sig) wallet system. Here’s a breakdown of the attack:
- Multisig Wallet Configuration: WazirX’s wallet required approvals from multiple signatories—specifically, three from WazirX and one from their custodian, Liminal—to authorize transactions.
- Compromise of Signatories: Attackers managed to compromise two WazirX signatories directly. The exact method remains unclear, but possibilities include phishing attacks or insider threats. Subsequently, they used a fake Liminal interface to deceive the remaining WazirX signatory and the Liminal signatory into approving malicious transactions.
- Deployment of a Malicious Smart Contract: With the necessary approvals, the attackers executed a delegate call from the multi-sig wallet to their malicious contract, altering the wallet’s implementation to point to the phishing contract address. This change granted them control over the wallet’s funds.
- Draining of Funds: Once in control, the attackers systematically transferred approximately $234.9 million worth of crypto assets to their own addresses.
This attack underscores the importance of rigorous security measures, including regular audits and enhanced verification processes, to safeguard digital assets.
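One form such an enhanced verification process can take is a check that runs outside the signing interface and compares the raw payload with what the signer was shown. The sketch below is an added example, not code from WazirX or Liminal; the request fields (to, value, data, operation), the allowlist, and all addresses and amounts are assumptions constructed for illustration.

```python
# Added example: pre-signing check for a multi-sig transaction request.
# Field names (to, value, data, operation) are assumptions; every address and
# amount below is constructed for illustration.
CALL, DELEGATECALL = 0, 1
ERC20_TRANSFER = "a9059cbb"  # selector of transfer(address,uint256)

def transfer_calldata(recipient, amount):
    """Build ERC-20 transfer calldata (used only for the sample inputs)."""
    return "0x" + ERC20_TRANSFER + recipient[2:].rjust(64, "0") + format(amount, "064x")

def decode_erc20_transfer(data_hex):
    """Return (recipient, amount) for ERC-20 transfer calldata, else None."""
    data = data_hex.lower()
    data = data[2:] if data.startswith("0x") else data
    if len(data) != 8 + 64 + 64 or not data.startswith(ERC20_TRANSFER):
        return None
    return "0x" + data[32:72], int(data[72:], 16)

def verify_before_signing(raw_tx, displayed, allowed_targets):
    """List every way the payload to sign differs from what was displayed."""
    findings = []
    if raw_tx["operation"] != CALL:
        findings.append("operation is not a plain call")
    if raw_tx["to"].lower() not in allowed_targets:
        findings.append("target contract is not on the allowlist")
    decoded = decode_erc20_transfer(raw_tx["data"])
    if decoded is None:
        findings.append("calldata is not a token transfer")
    else:
        recipient, amount = decoded
        if recipient != displayed["recipient"].lower():
            findings.append("recipient differs from the displayed one")
        if amount != displayed["amount"]:
            findings.append("amount differs from the displayed one")
    return findings

# Constructed sample data: what the interface showed vs. two raw payloads.
TOKEN, RECIPIENT, UNKNOWN = "0x" + "11" * 20, "0x" + "22" * 20, "0x" + "33" * 20
ALLOWED = {TOKEN}
DISPLAYED = {"recipient": RECIPIENT, "amount": 1000}
HONEST = {"to": TOKEN, "value": 0, "operation": CALL,
          "data": transfer_calldata(RECIPIENT, 1000)}
MISMATCHED = {"to": UNKNOWN, "value": 0, "operation": DELEGATECALL,
              "data": "0x" + "ab" * 36}

if __name__ == "__main__":
    for name, tx in (("honest", HONEST), ("mismatched", MISMATCHED)):
        print(name, verify_before_signing(tx, DISPLAYED, ALLOWED) or "OK to sign")
```

A signer who gets any finding back should refuse to sign and escalate, because the interface summary and the payload no longer describe the same transaction.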
Further investigation is required and by the looks of it, there is a lot of work pending. The Government of India has also stepped in to assist, and there have been talks of recovery plans. Unfortunately, there is no clear path just yet.
The Scale of the Breach
The WazirX exchange clearly lost hundreds of millions to the hackers. In addition, other data might have been compromised. At the time of publishing this post, the exchange has not been as transparent as everyone hoped, which means only time will tell the rest of the tale.
Cryptocurrency as a whole has always been seen as a speculative asset, and the user base in India is beyond shaken by the fall of WazirX. The light at the end of the tunnel is the recovery plan, but since no timeline has been officially published, users have been kept on their toes.
Immediate Response by WazirX
WazirX responded to the incident fairly quickly, and its actions are discussed below. Note that the exchange was criticized for being reactive rather than proactive.
However, everyone needs to understand that attacks can happen at any time, and there is no one-size-fits-all solution for it just yet.
Freezing Transactions
As expected, as soon as the attack was evident, the exchange halted all withdrawals to prevent further unauthorized transactions. Eventually, even deposits were halted.
Notifying Users
Users were notified both via email and through social media. The severity of the situation created heat, but the firm still did its best to promptly keep everyone on the same page.
Engaging Experts
The firm has reportedly enlisted the help of cybersecurity firms to conduct a thorough investigation and trace the stolen assets.
Collaborating with Authorities
The exchange is also working closely with Indian law enforcement agencies to track down the culprits.
Impact on Users
The WazirX hack has left users with not only psychological trauma but also significant financial losses. The incident once again showcased the difference between traditional instruments and infrastructure and the present ones. Many users took out their frustration via social media.
From the CEO to the official web handles, people expressed their thoughts, opinions, and prayers. Some of them were even exploring the legal actions one can take in a situation like this. All in all, it was an emotionally charged subject, and people were clearly overwhelmed.
What Can Crypto Enthusiasts Learn from This?
- Use Hardware Wallets – Storing your coins in a hardware wallet is hands down the safest option. By utilizing hardware wallets, the threat potential will be incredibly low, and that should be at the top of your priority list.
- Enable Strong 2FA – Two-factor authentication can also reduce the likelihood of any breach by a considerable amount, and it takes a few minutes at best to set it up.
- Regularly Monitor Accounts – If you are using hot wallets, keep a close eye on the account activity and report any irregularity as soon as you spot it. The key is to spot unauthorized transactions at the earliest.
- Diversify Holdings – Never put all your coins in a single exchange or wallet, for any reason.
- Educate Yourself – Staying updated is one of the best ways to spot red flags and potential threats from a mile away. So, educate yourself about the latest trends either by reading the news or by attending workshops.
WazirX Hack Conclusion
In the aftermath of the WazirX hack, CoinSwitch, an Indian cryptocurrency exchange, took significant legal and recovery actions:
- Legal Action for Fund Recovery: In August 2024, CoinSwitch filed a lawsuit against WazirX to recover approximately $9.65 million in assets that were trapped due to the hack. This legal move underscored the breach’s impact on other platforms and the broader cryptocurrency ecosystem.
- Recovery Initiative for Affected Users: In January 2025, CoinSwitch launched a ₹600 crore recovery program aimed at assisting WazirX users affected by the hack. This initiative reflects CoinSwitch’s commitment to supporting the cryptocurrency community and restoring trust in digital asset platforms.
These steps highlight the collaborative efforts within the cryptocurrency industry to address security challenges and support affected users.
The WazirX hack serves as a reminder of the vulnerabilities present in the cryptocurrency ecosystem. Though the financial losses are undeniably devastating, everyone involved should focus on the broader implications.
All in all, to create a thriving space for a new industry, users, exchanges and regulators must be on the same page as far as security and transparency are concerned.