TLDR:
- WazirX exchange suffered a $230 million hack in July 2024
- Hackers have nearly finished laundering stolen funds through Tornado Cash
- Singapore court granted WazirX a 4-month moratorium to restructure
- WazirX users unlikely to recover 100% of assets; partial withdrawals enabled
- Binance denies responsibility, stating it never acquired WazirX
The Indian cryptocurrency exchange WazirX continues to grapple with the aftermath of a massive $230 million hack that occurred in July 2024.
The incident, which compromised over 45% of the exchange’s total reserves, has left the platform and its users in a precarious position.
The High Court of Singapore has granted WazirX a four-month moratorium to restructure its liabilities. This decision comes as a partial relief to the exchange, which had initially requested a six-month period.
The court-mandated conditions require WazirX to disclose its wallet addresses in a court affidavit, respond to user queries, and reveal its book of accounts within six weeks.
WazirX co-founder Nischal Shetty expressed gratitude for the court’s decision, stating that it allows the company to focus on “resolution, recovery and restructuring.”
The exchange’s parent company, Singapore-based Zettai, had filed for restructuring on August 23, seeking temporary relief from legal proceedings.
Hackers Nearly Finished Washing the Money
On-chain data reveals that the hackers responsible for the theft have nearly completed their efforts to launder the stolen funds.
Using the cryptocurrency mixer Tornado Cash, the attackers have systematically moved large amounts of Ethereum (ETH) through the platform, making it increasingly difficult to track the funds. As of the latest reports, only about $6 million worth of ETH remains in the hacker’s main wallet.
The use of Tornado Cash, a decentralized service that commingles cryptocurrencies to obscure their origin, has complicated recovery efforts. Despite being sanctioned by the United States Treasury in 2022, the mixer continues to operate due to its decentralized nature, handling nearly $2 billion in transactions through July 2024.
In an attempt to mitigate the impact on users, WazirX has partially lifted its withdrawal suspension, allowing customers to withdraw up to 66% of their Indian Rupee (INR) balances. However, the exchange has admitted that users are unlikely to recover 100% of their assets, particularly their cryptocurrency holdings, due to insufficient reserves.
The WazirX hack has also reignited discussions about the exchange’s ownership and responsibilities. Binance, previously thought to be associated with WazirX, has publicly denied any ownership or responsibility for the security breach. This contradicts earlier statements made by WazirX founder Nischal Shetty, adding another layer of complexity to the situation.
As part of its recovery strategy, WazirX is actively seeking partnerships to infuse cash and navigate through the crisis. The exchange has reportedly entered into discussions with at least 11 other exchanges and signed non-disclosure agreements with three potential partners.
Some analysts have speculated that the sophisticated nature of the attack might point to involvement from state-sponsored actors, such as the North Korean Lazarus Group, though this remains unconfirmed.
As the four-month restructuring period begins, WazirX faces the daunting task of rebuilding trust with its user base while working to recover as much of the stolen funds as possible.