Cryptocurrency Exchange WazirX WRX
-0.15%
The platform recently halted trading on July 18th after a private key leak resulted in $230 million being stolen from wallets.
“Due to a cyberattack theft, our ability to maintain 1:1 collateral with your assets has been impacted and we have temporarily suspended trading,” WazirX wrote in an announcement post on X. WazirX’s wallet has been emptied. Worth over $100 million Shiba Inu 
SHIB
+1.19%
At that time, it was worth millions of dollars. 
Matic
+1.60%
token, 
Pepe
+3.27%
token, 
USDT
+0.34%
and 
festival
+1.67%
Token. Hacker Evidence suggests that the North Korean state-sponsored Lazarus Group converted most of the embezzled assets into ether.
“We are conducting thorough forensic data examination and security audit procedures and are working to enable withdrawals soon. User safety remains our top priority,” the exchange wrote in an announcement post.
WazirX also announced that it will be setting up a bounty program for assistance in tracing and freezing or returning funds, inviting cybersecurity and blockchain experts to “join this important mission and protect the integrity of the cryptocurrency ecosystem.”
The company originally offered 5% of recovered funds as an incentive to help get the full amount returned, but later doubled the reward to 10% following feedback from blockchain detective ZachXBT, according to a company post. The company is also offering “up to $10,000 worth of USDT” for “actionable information leading to a fund freeze.” The program will run for three months, but the length is subject to change.
“A $10M bounty means nothing if it’s the Lazarus Group, as they will either hand over the funds or not be held legally accountable. 5% is lower than the industry standard of 10%+,” ZachXBT wrote. ZachXBT also made it clear that he will not be participating in the investigation, writing, “I do not have the resources to track down a potential Lazarus Group hack 24/7. It would take a lot of time.”
As ZachXBT points out, recoveries from hacks linked to the Lazarus Group are extremely rare. When $30 million was recovered from the infamous Lazarus Group-linked Ronin Bridge hack of Axie Infinity in September 2022, Chainalysis noted that this was the first time that funds linked to the North Korean hacking group had been seized. Not all hope is lost for WazirX, though, “… I am confident that this will not be the last,” Chainalysis’ Chief Investigative Officer Erin Plant wrote at the time.
Disclaimer: The Block is an independent media outlet providing news, research and data. As of November 2023, Foresight Ventures is the largest investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, influential and timely information on the cryptocurrency industry. Current financial disclosures are as follows:
© 2023 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be legal, tax, investment, financial or other advice.