Key highlights:
- WazirX Hacker Moves $6.5 Million Worth of ETH to Tornado Cash
- In July 2023, WazirX suffered a hack that resulted in a loss of $230 million.
- WazirX is undergoing restructuring and allowing some withdrawals.
- Clients can expect to recover only 55%-57% of their funds.
- North Korean hacking group Lazarus suspected of being behind this attack
The hackers responsible for the $230 million WazirX breach in July began moving the stolen funds through the cryptocurrency mixing service Tornado Cash on September 3, 2024.
According to blockchain security firm PeckShield, the attackers transferred 2,600 ETH, worth approximately $6.5 million, to approved platforms.
#PexshieldNotification #WazirX The address marked as Exploiter sent 2600.1. $Ethereum (valued at approximately $6.5 million) #TornadoCache Within the last 9 hours
July 18th in India #CEX WazirX suffered a major security breach, which resulted in the theft of $230 million worth of cryptocurrency. pic.twitter.com/0QeKkleUyb— PeckShieldAlert (@PeckShieldAlert) September 3, 2024
According to Arkham Intelligence, the hacker executed 26 transactions, each transferring 100 ETH to Tornado Cash.
The move comes hours after WazirX held its first town hall meeting to discuss the moratorium application. The use of Tornado Cash, a service known for hiding transaction traces, raises concerns about the possibility of recovering stolen assets.
The security breach on July 18 targeted one of WazirX’s multi-signature wallets, resulting in the largest cryptocurrency theft in Indian history.
The stolen funds included assets including over $100 million in Shiba Inu (SHIB) tokens and $52 million in Ether (ETH), representing over 45% of the total reserves reported by the exchange in June 2024.
In response to the hack, WazirX imposed a 66% cap on users’ Indian rupee withdrawals. The exchange also took legal action by filing an affidavit in the Singapore High Court, seeking a six-month reprieve for its holding company, Zettai, to restructure its debts.
“It’s very unlikely that cryptocurrencies will ever recover 100%,” said Jason Karachi, Crawl’s managing director, in a recent town hall meeting.
Current numbers suggest a range of 52%-57% in cryptocurrency terms.” The announcement disappointed investors, who argued that it did not provide any new information beyond what had previously been disclosed.
WazirX announced on September 3 that it has started allowing users to withdraw up to 66% of their Indian Rupee token balance on the exchange, almost a week earlier than originally scheduled. The exchange has brought forward the withdrawal period to give users quicker access to their funds.
However, WazirX noted that 34% of its rupee balance is “frozen” due to ongoing investigations with various law enforcement agencies. The exchange also suggested that there are still legal issues surrounding cryptocurrency withdrawals.
The attack on WazirX is believed to be the work of the North Korean hacking group Lazarus. The group is believed to have laundered over $1 billion in stolen funds through Tornado Cash before being sanctioned by the U.S. Office of Foreign Assets Control (OFAC) in 2022.
Trading on the WazirX platform is expected to resume once the creditors approve the restructuring proposal and the court approves it.