WazirX is part of Indian cryptocurrency exchanges that suffered a devastating cyberattack last month in which the hackers siphoned more than $230 million in cryptocurrency assets. That comes as crypto tracker Lookonchain claimed the stolen funds were converted into Ether, the world’s second-largest cryptocurrency by market capitalization. This sets some shaking moments in the crypto world and dent in the security of digital assets on exchanges.
Extent of WazirX Hack
More than $230 million worth of assets was lost in the WazirX hack. This huge amount was then transferred in ETH, because over 59,000 ETH were transferred into different wallets. At that time, 1 ETH was around $2,373.56, making the total amount in ETH to be around $140 million. Crypto tracking services were not late in pointing out the movement of the funds, something possible under blockchain technology.
Recovering the stolen assets has, however, been a big headache to law enforcement despite blockchain transactions being, by nature, visible. Blockchain transactions are traceable but normally irreversible; hence, once the funds are transferred to private wallets or changed into other cryptocurrencies, the probability of reclaiming the lost funds is close to null.
Tornado Cash: A Tool for Hiding Stolen Funds
One of the crucial ingredients to this WazirX hack being pretty hard to trace was the involvement of Tornado Cash, a cryptocurrency “mixer.” Mixers such as Tornado Cash allow users to mask the origins of their cryptocurrency by mixing it up with other users’ coins before transferring it to another wallet. While these services have many very legitimate uses for people valuing privacy, they are also frequently abused by hackers to obscure the trail of stolen assets.
Where the hackers leveraged the opportunity presented by Tornado Cash to break all connections between the taken funds and their origin—the fact that made any attempt by the relevant authorities to track the assets or bring perpetrators to book almost impossible. While the transparency nature of the blockchain allows observers to actually know where the funds are being forwarded to, the anonymity from services like Tornado Cash upsets efforts to recover the stolen crypto.
Legal Response by WazirX Post Hack
The massive hack had finally begun forcing WazirX to take some extreme measures. Thereafter, the exchange reportedly brought all crypto trading activities to a grinding halt. Thus, users were barred from accessing their digital assets on the exchange or withdrawing them. Partial withdrawal permissions were allowed only in INR, which infuriated the users even further.
The Singapore legal system has since witnessed WazirX file for a moratorium. This legally aims at giving the company more time to restructure and come up with a plan for recovery from the losses. As WazirX goes through restructuring, the way recovery for the stolen assets will be made or the impact of the hack on the firm’s operations in the long term remains uncertain.
Reaction of WazirX Users to the Hack
The reaction amongst the WazirX users was instantaneous and fiery—the inconvenience of losing cash to such a hack really upset many, especially given the enormous size and poor response from the company. Especially WazirX CEO Nischal Shetty was in the line of fire among the users for their very belated updates over the cyber attack. Many, in fact, took social media by storm to express their concern and demand answers from the firm.
Despite these criticisms, Shetty has reiterated that WazirX is doing everything it can to rectify the situation and is working to ensure users’ funds are protected in the future. The thing is, even with such declarations, the company’s reputation is already destroyed and will take a lot to gain back the user’s trust.
Was North Korea involved in the hack?
An example of this is some crypto news reporting sites that have tried to correlate North Korean hackers with the WazirX cyberattack. This appeared to partially be based on several other high-profile cryptocurrency hacks over recent years whose investigations hinted at North Korea’s involvement. These are often performed by groups such as the Lazarus Group, which target cryptocurrency exchanges in order to fund the North Korean regime.
However, it has not confirmed, till date, any information on who the hackers were. The lack of confirmation leaves many questions open, and investigations into the hack continue.
The Challenge of Recovering Stolen Crypto
Of all the issues, the most challenging one remains that the recovery of the stolen cryptocurrency has been quite difficult for WazirX and its users. While the nature of the blockchain can easily help someone trace the movement of funds, once it has gone into anonymous wallets or mixed with services like Tornado Cash, recoveries always turn out to be very low.
Law enforcement agencies often can’t recover such assets, which are transferred to wallets belonging either to anonymous people or those in countries without stringent legal arrangements regarding cryptocurrency crimes. Recovery of the lost funds for the users of WazirX seems a remote possibility at this juncture.
WazirX’s Future Plans
Despite this all, WazirX is determined to find its way out. Following this broader restructuring and recovery from the hack, the company applied for a moratorium in Singapore. This will help the firm get legal protection in buying some time until it comes up with an elaborate recovery plan and stopping more damage from occurring to the operations of the firm.
Although the company did not give an indication of when crypto withdrawals would be resumed, users were confident that WazirX would get its act together and restore normal operations in the months to come. The company also reiterated its commitment to putting in better security measures that would help avoid such cyberattacks in the future.
Lessons Learned from the WazirX Hack
The WazirX hack has brought forth the vulnerabilities that exist within the whole ecosystem of digital currency. While blockchain technology offers many advantages in terms of transparency and decentralization, it also comes with significant risks regarding security. Cryptocurrency exchanges are frequently targeted by hackers, and there is barely any probability that the tracking and recovery of the fortunes lost with digital assets will take place.
This should serve as a lesson to users of crypto exchanges to be wary and take precautionary measures that ensure their virtual assets are safe. Among the many ways users can secure their digital assets against possible risks are the use of hardware wallets, two-factor authentication, and caution against phishing attacks.
Conclusion
The WazirX hack serves as a glaring reminder of the perils within the confines of the crypto world. As the investigation unfolds and the road to recovery is pursued with desperation by WazirX, due to the intensity of this setback, there needs to be vigilance both on the part of the exchange and its users against similar incidents in the future. With millions of dollars at stake, the crypto community looks at how WazirX navigates its way through the crisis.