Crypto exchange WazirX faces government scrutiny over $235M hack

Indian authorities have been investigating WazirX regarding the $235 million hack on the cryptocurrency exchange that compelled it to suspend operations and freeze user assets.

According to a local media report citing an unnamed source, several government agencies, including the Financial Intelligence Unit (FIU), are collaborating with WazirX to uncover details related to the July cyberattack. 

Probed amidst restructuring efforts

Over the past weeks, the exchange’s management has also had meetings with the Intelligence Bureau and the Indian Computer Emergency Response Team (CERT-In) alongside the FIU.

The exchange has reportedly shared server logs, transaction trails, and blockchain addresses tied to the hack with the authorities. However, no physical assets, such as laptops, have been confiscated, but WazirX remains in frequent meetings with government bodies as the investigation progresses.

The scale of the hack of WazirX’s hot wallets has raised concerns about the security and regulation of the cryptocurrency industry, particularly its impact on retail investors.

During the attack, over 45% of the exchange’s total assets were siphoned, leaving the exchange unable to maintain a 1:1 collateral ratio with user holdings. Since then, customer complaints have overwhelmed WazirX’s X account with calls to return the locked assets.

WazirX has also initiated its own investigations but has found no evidence of insider involvement so far, the report added. 

Meanwhile, external audits conducted by both WaziX and its former custodian, Liminal, have cleared both platforms of any infrastructural vulnerabilities.

To date, the exchange has managed to return its customer’s INR balances, that too partially, with investors gaining access to only 66% of their fiat balances while their crypto holdings remain locked. As such, disgruntled users have been urging Indian authorities to step in.

Another source noted in the recent report that the agencies are concerned about the “size of the illegal transfer” and have reached out to other industry stakeholders to assess the broader implications of the breach, looking at how transfers happen and the liquidity structures involved.

WazirX has agreed to publicly disclose its wallet addresses and asset holdings through court affidavits and has committed to answering user queries to maintain transparency as a part of a four-month moratorium filed with the Singapore High Court.  

Furthermore, WazirX intends to form a 10-member committee of creditors by Oct. 9, which will guide its restructuring efforts. However, WazirX’s legal representatives have confirmed that the exchange would only be able to return “55-57%” of its customer’s crypto assets within the next six months. 

WazirX is also working with external security firm, zeroShadow and financial and risk advisory firm Kroll. These companies will assist in determining the likelihood of recovering the lost funds and recommending steps for the next phase of recovery.

Other challenges

WazirX is also engaged in a legal conflict with Binance stemming from an unresolved dispute over ownership, which could determine whether WazirX’s creditors might also become Binance’s creditors.

Binance’s relationship with WazirX dates back to Nov. 2019, when Binance announced it had acquired the Indian exchange. However, by Aug. 2022, Binance’s former CEO, Changpeng Zhao, stated that Binance never owned any equity in Zanmai Labs, the entity operating WazirX, and had no control over WazirX’s operations.

Binance has since called WazirX’s claims “outrageously misleading.”

In the meantime, the bad actors behind the July 18 breach have continued to launder the stolen funds using the crypto-mixer Tornado Cash.

The post Crypto exchange WazirX faces government scrutiny over $235M hack appeared first on Invezz