Indian cryptocurrency exchange WazirX has announced a strategic plan to recover user funds after a $230 million cyberattack, employing a 55/45 asset distribution model and offering two options for affected users to manage their remaining assets.
Overview of the Incident
On July 18, 2024, WazirX, a prominent Indian cryptocurrency exchange, experienced a significant security breach. This exploit targeted the exchange’s multisig wallet on the Ethereum network, resulting in the theft of over $230 million worth of various cryptocurrencies. The stolen assets include large amounts of Shiba Inu (SHIB), Ethereum (ETH), MATIC, PEPE, USDT, and GALA.
Cause and Method of the Attack
The attack was attributed to a private key compromise, which allowed the hacker to upgrade WazirX’s multisig wallet to a malicious contract. This upgrade enabled the unauthorized transfer of funds. The discrepancy between the data displayed on Liminal’s interface (the digital asset custody service used by WazirX) and the actual transaction contents facilitated the breach.
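An added example, not taken from WazirX or Liminal: a minimal independent check that decodes the raw payload a signer is about to approve and compares it with what the interface displayed, which is the kind of discrepancy described above. It assumes the displayed intent is an ERC-20 transfer; the function names, addresses and payloads are constructed for illustration.

```python
# Added example: compare what a signing UI displays with the payload actually signed.
# All addresses and payloads below are constructed sample values.
ERC20_TRANSFER_SELECTOR = bytes.fromhex("a9059cbb")  # transfer(address,uint256)

def decode_erc20_transfer(data: bytes):
    """Return (recipient, amount) if data is exactly an ERC-20 transfer call, else None."""
    if len(data) != 4 + 32 + 32 or data[:4] != ERC20_TRANSFER_SELECTOR:
        return None
    addr_word, amount_word = data[4:36], data[36:68]
    if any(addr_word[:12]):  # upper 12 bytes of an ABI-encoded address must be zero
        return None
    return "0x" + addr_word[12:].hex(), int.from_bytes(amount_word, "big")

def check_before_signing(displayed: dict, raw_tx: dict) -> list:
    """List every way the raw transaction differs from the displayed intent."""
    problems = []
    if raw_tx["to"].lower() != displayed["token"].lower():
        problems.append("target contract differs from displayed token")
    if raw_tx.get("value", 0) != 0:
        problems.append("unexpected native value attached")
    data = bytes.fromhex(raw_tx["data"].removeprefix("0x"))
    decoded = decode_erc20_transfer(data)
    if decoded is None:
        problems.append(f"payload is not an ERC-20 transfer (selector 0x{data[:4].hex()})")
        return problems
    recipient, amount = decoded
    if recipient != displayed["recipient"].lower():
        problems.append("recipient differs from displayed recipient")
    if amount != displayed["amount"]:
        problems.append("amount differs from displayed amount")
    return problems

def encode_transfer(recipient: str, amount: int) -> str:
    """Build sample calldata for transfer(recipient, amount)."""
    body = bytes(12) + bytes.fromhex(recipient[2:]) + amount.to_bytes(32, "big")
    return "0x" + (ERC20_TRANSFER_SELECTOR + body).hex()

TOKEN = "0x" + "11" * 20   # constructed token contract address
WALLET = "0x" + "33" * 20  # constructed wallet contract address
ALICE = "0x" + "22" * 20   # constructed recipient address
DISPLAYED = {"token": TOKEN, "recipient": ALICE, "amount": 1_000_000}
HONEST_TX = {"to": TOKEN, "value": 0, "data": encode_transfer(ALICE, 1_000_000)}
# Same displayed intent, but the payload calls an unrelated function on another contract
MISMATCHED_TX = {"to": WALLET, "value": 0, "data": "0xdeadbeef" + "00" * 32}

if __name__ == "__main__":
    print(check_before_signing(DISPLAYED, HONEST_TX))
    print(check_before_signing(DISPLAYED, MISMATCHED_TX))
```

A check like this is only useful when it runs on a device or service independent of the interface whose display is being verified.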
Immediate Response
WazirX promptly suspended all withdrawals (both crypto and INR) to prevent further unauthorized transactions and to safeguard remaining assets. The exchange’s team, along with cybersecurity experts and law enforcement agencies, is actively investigating the incident.
Efforts to Recover Stolen Funds
- Forensic Investigations: WazirX has engaged with forensic experts and law enforcement agencies to trace the stolen funds. They are collaborating with other exchanges and blockchain analytics firms to track the hacker’s transactions.
- Freezing Assets: WazirX has contacted over 500 centralized exchanges (CEXs) to freeze the wallets associated with the stolen funds. This collaboration aims to prevent the hacker from liquidating or further moving the assets.
- Bounty Program: WazirX announced plans to introduce a bounty program to reward information that could lead to the freezing or recovery of the stolen assets. Bounty 1, Track & Freeze, offers rewards of up to $10,000 worth of USDT for actionable intelligence that leads to freezing the funds. Bounty 2, White Hat Recovery, offers 10% of the recovered amount (i.e., up to $23 million) as a white hat reward.
Liminal’s Statement
Liminal, the digital asset custody service used by WazirX, clarified that its platform was not breached. It stated that the compromised wallet was created outside its ecosystem. Liminal said that all WazirX wallets created on its platform remained secure and that all malicious transactions originated from outside its system.
“Our preliminary investigations show that one of the self-custody multi-sig smart contract wallets created outside of the Liminal ecosystem has been compromised. We can confirm that Liminal’s platform is not breached, and Liminal’s infrastructure, wallets, and assets continue to remain safe.” — Liminal
Fund Recovery Plan
In a move to address the recent cyberattack, WazirX has announced a strategy for user fund recovery. Drawing lessons from past incidents such as the Mt. Gox and Bitfinex hacks, WazirX aims to apply the best practices from these cases to ensure a fair and efficient resolution. The hack affected 45% of user funds, leading WazirX to implement measures aimed at minimizing disruption to its users and maintaining the platform’s stability.
Approach to Loss Distribution
In a blog post, WazirX announced a 55/45 approach, allowing users immediate access to 55% of their assets while locking the remaining 45% in Tether (USDT)-equivalent tokens. This method contrasts sharply with the prolonged uncertainty often experienced in similar scenarios. By socializing the loss, WazirX aims to distribute the impact evenly across all users, preventing any single group from bearing a disproportionate burden. This approach is expected to facilitate a faster and more flexible resolution than traditional methods.
User Options and Communication
WazirX is offering users two different options for managing their remaining assets, with detailed instructions communicated through the WazirX app or website. Users will receive instructions via email and must respond by August 3 at 7:00 am India Standard Time to select their preferred option.
Asset Management Strategy
WazirX will form a portfolio containing various crypto assets to manage the unlocked 55% of users’ assets. This approach aims to lessen the impact on users with affected tokens. If any affected tokens are included in the unlocked portion, they will be swapped with unaffected crypto assets to keep the portfolio balanced. The value of the unlocked portfolio will be calculated based on average prices from CoinMarketCap and select global exchanges as of July 21 at 8:30 pm IST.
Current Status and Future Outlook
As of now, WazirX has not provided a specific timeline for when users’ funds will be fully unlocked. The complexity of the attack, especially with the hacker using sophisticated methods to obscure the trail of funds, makes the recovery process challenging. However, the majority of the stolen funds, which have been converted to Ethereum, are still being tracked and have not been fully liquidated, offering some hope for recovery.