WazirX, one of the largest crypto exchanges in India, lost $235 million to a multisig wallet security breach in July 2024.
News
Own this piece of crypto history
The Indian cryptocurrency exchange WazirX is planning to restore the balances of all platform accounts following the halt of withdrawals caused by a $235 million hack in July 2024.
WazirX officially announced on Aug. 8 that the platform will undo all trades carried out after the withdrawal suspension on July 18.
“All users will have their portfolio balances on the WazirX platform restored to what they were on July 18, 2024,” the announcement said, adding that the account recovery will be conducted over the next few days. Affected users will receive an email notification on the affected trades.
Why are post-hack WazirX trades being reversed?
According to the announcement, the decision to restore account balances and undo certain trades on WazirX aims to facilitate an “equitable outcome for users following the abnormality arising” from the July hack.
WazirX will cancel the trades between July 18 and July 21 to ensure that “all users are equitably treated,” the firm wrote on its website.
All trades following July 18, 07:30 am UTC, are rendered ineffective, and users’ portfolios will be restored to their previous state.
“Fees and referrals arising from such restoration will similarly be reversed,” WazirX noted.
Any fiat or crypto successfully deposited after July 18 will be addressed “shortly in a future update.”
Multisig wallet discrepancies behind WazirX’s $230 million cyberattack
Founded in 2017, WazirX is one of India’s largest cryptocurrency exchanges.
The first reports on WazirX’s $234.9 million hack surfaced on July 18, with the Web3 security firm Cyvers detecting “multiple suspicious transactions” involving WazirX’s Safe Multisig wallet on Ethereum.
A multisignature wallet, or a multisig or shared wallet, is a crypto wallet that requires multiple signatures to execute and process a cryptocurrency transaction. In WazirX’s case, the multisig wallet had six signatories: one from Liminal and five from WazirX.
Related: WazirX launches fund recovery plan post $230M hack
According to the official communication from WazirX, the exchange’s wallet breach occurred due to discrepancies between the data displayed on the digital custody platform Liminal and actual transaction contents on WazirX.
While Liminal employees argued that WazirX’s hack did not breach Liminal’s platform, the Indian exchange subsequently claimed the opposite. Liminal also previously released a report suggesting that compromised WazirX machines caused the exploit.
As a result of the breach, the anonymous attacker reportedly stole at least $100 million in Shiba Inu (SHIB) and $52 million in Ether (ETH). The loss accounted for 45% of WazirX’s reserves.
Magazine: WazirX hackers prepped 8 days before attack, swindlers fake fiat for USDT: Asia Express
This article first appeared at Cointelegraph.com News