WazirX, one of India’s leading cryptocurrency exchanges, has recently been compromised in a hack that resulted in the theft of $235 million. This was detected by Web3 security firm Cyvers, which noted several dubious actions involving WazirX’s Safe Multisig wallet on Ethereum.
The alleged culprit of the hack seems to have relocated the stolen funds to another address. This was facilitated by Tornado Cash, a decentralized protocol specializing in private transactions. It’s estimated that the hacker has already converted a significant portion of Tether, Pepe, and Gala coins into Ethereum.
A crypto detective using the alias ZachXBT on the “Investigations by ZachXBT” Telegram channel, stated that the attacker’s primary address still contains over $104 million in various cryptocurrencies. These include Shiba Inu, Ethereum, and Polygon MATIC, as well as smaller amounts of other tokens such as FLOKI, Fantom, and Fetch.ai.
In the wake of this security breach, WazirX has temporarily suspended the withdrawal of cryptocurrencies and Indian rupees on its platform. The exchange’s official statement suggests they are in the process of investigating the incident but have not yet commented on the security of users’ funds or how they plan to recover the stolen crypto assets.
The hack comes at a challenging time for crypto exchanges operating in India. Just last week, the Financial Intelligence Unit of the Indian Ministry of Finance issued compliance notices to several foreign crypto exchanges, including OKX. This notification asked Indian users of OKX to close their accounts and withdraw funds before April 30, as the platform will no longer be servicing users in India. Despite the Indian government’s ongoing discussions spanning nearly four years, the regulatory environment for cryptocurrencies in the country continues to remain uncertain.