- WazirX fell victim to a digital heist in July.
- The exchangeโs financial future hangs in the balance.
- Some WazirX users question if the hack was an inside job.
Hacks are a persistent challenge for the crypto industry as cybercriminals continually evolve their tactics to execute digital heists. In July, WazirX was hit by a major breach, resulting in the loss of $230 million in ETH tokens.
Since then, the company has faced criticism on numerous fronts, including its slow response to reopening withdrawals and its public dispute with custody provider Liminal. Now, nearly two months later, some WazirX users suggest the hack could have been an inside job.
Suspicions Raised
The fallout from the WazirX hack has taken a new twist, with the X account “Justice for WazirX Users” (JfWU) raising suspicions of foul play. Although JfWU hasn’t provided concrete evidence, the account highlights unusual events that call for closer scrutiny of key personnel at the exchange.
Sponsored
JfWU outlined several discrepancies in the lead-up to the hack, including a breakdown of multiple security fail-safes. These irregularities, they argue, suggest that the hack may have involved internal collusion, further complicating the companyโs recovery efforts.
Hacker Steals WazirX Credentials
According to JfWU, the hacker opened a WazirX account using fake KYC information and deposited crypto, later trading it for GALA tokens. On July 18, the day of the hack, they began withdrawing GALA tokens, depleting WazirX’s hot wallet.
This forced the exchange to move additional GALA tokens from its cold storage, managed by custodians Liminal, to replenish the hot wallet so that other users could withdraw GALA.
As WazirX attempted the transfer, the hacker reportedly injected malicious code, causing the sweep of GALA tokens from cold to hot storage to fail. The issue was escalated to other cold storage signatories, who made several attempts to move funds.
The process of three different signatories trying to move funds enabled the hacker to steal their credentials and obtain the necessary number of signatures (plus the fourth from Liminal) to begin the breach.
Crystal Intelligence confirmed that forensic analysis showed that the laptops of key personnel, used for signing transactions, were not compromised. An independent audit of Liminalโs system by Grant Thornton revealed no evidence of a custodial breach.
The hacker managed to deceive WazirX and Liminal into approving a malicious smart contract to obtain control of the cold storage wallet, which was the critical final step in causing the loss of users’ funds.
Insider Job?
Tying the events together, JfWU expressed concern over WazirX storing nearly half of the users’ funds in a single cold storage location, questioning why such a significant portion of assets was concentrated in one place.
JfWU also pointed out that the hacker seemed to have targeted GALA tokens to trigger the events leading to the cold storage sweep. They suggested that changing the cold wallet smart contract would be challenging without insider help, intensifying suspicions of foul play.
In light of these unanswered questions, JfWU has urged affected users to file criminal complaints, aiming to pressure the Central Bureau of Investigation to open a formal inquiry into the WazirX hack.
On the Flipside
- WazirX has filed for company restructuring at the High Court of Singapore.
- The hacker continues to launder the stolen funds, with a recent $6.5 million transfer to TornadoCash on September 2.
Why This Matters
The WazirX hack serves as a reminder of the risks crypto users face when dealing with centralized entities.
WazirX hack raises fears of a domino effect in the crypto industry.
WazirXโs Restructuring Sparks Fresh Crypto Contagion Fears
Suriname presidential hopeful wants a Bitcoin standard.
Bitcoin Takes Center Stage in Suriname’s Presidential Race