In a new twist to one of India’s largest cryptocurrency thefts, the hacker behind the $230 million breach of WazirX has started laundering stolen funds through Tornado Cash, a cryptocurrency mixing service notorious for its role in money laundering.
On September 3, 2024, blockchain security firm PeckShield reported that the hacker transferred 2,600 ETH, valued at approximately $6.5 million, into Tornado Cash. This news complicates efforts to recover the stolen assets, raising significant concerns for both the exchange and its users.
[PECKSHIELD] WazirX Exploiter Transfers 2,600 $ETH (~$6.5M) to Tornado Cash pic.twitter.com/dkYnkdDpj3
— BecauseBitcoin.com (@BecauseBitcoin) September 3, 2024
The breach occurred on July 18, 2023, when the hacker targeted a multi-signature wallet belonging to WazirX, one of India’s leading cryptocurrency exchanges. The attack resulted in the theft of a substantial amount of digital assets, including over $100 million in Shiba Inu (SHIB) tokens and $52 million in Ether (ETH).
In total, the stolen assets represented more than 45% of the exchange’s reserves as of June 2024, marking the incident as one of the largest cryptocurrency thefts in India’s history.
The hacker’s decision to move funds through Tornado Cash marks a significant escalation in the complexity of the recovery efforts. Tornado Cash is a cryptocurrency mixing service that obscures the origin of transactions by blending multiple transfers together. The hacker executed 26 separate transactions, each transferring 100 ETH to Tornado Cash, effectively complicating the tracking of the stolen funds.
Tornado Cash has been under scrutiny by U.S. authorities and was sanctioned by the U.S. Office of Foreign Assets Control (OFAC) in 2022 for its role in facilitating money laundering activities. The service has been linked to the laundering of over $1 billion in stolen funds, particularly by the Lazarus Group, a North Korean hacking organization suspected to be behind the WazirX breach.
In response to the breach, WazirX imposed a 66% withdrawal limit on users’ Indian rupee balances, a move that sparked frustration among its user base. The exchange also sought legal protection by filing for a six-month moratorium with the High Court of Singapore, aiming to restructure its liabilities through its holding company, Zettai.
During a recent town hall meeting, Jason Karachi, managing director at Kroll, highlighted the immense challenges faced by WazirX in recovering the stolen funds. Jason Karachi stated, “It’s highly unlikely there can be a recovery in crypto terms, at 100%. The present numbers indicate a range of 52%-57% in crypto terms.”
This grim outlook has left many investors disappointed, as it suggests that they may face significant losses despite ongoing recovery efforts.
#WazirX @NischalShetty
In ur first townhall meet,As per Kroll Company statement
Now total remaining asset value is 310MIf R.asset as on 23 Aug=284M (12M legal fee excluded)
Assets hold by binance=17M
Then total asset comes=301M
Gap=9M
Can u clear the difference amt? pic.twitter.com/IxCBIF58eC
— Sandeep Jaswal (@iSandeepJaswal) September 3, 2024
On September 3, 2024, WazirX announced that it would allow users to withdraw up to 66% of their Indian rupee token balances from the platform, nearly a week earlier than initially planned. However, the remaining 34% of rupee-denominated balances are currently frozen due to ongoing investigations by law enforcement agencies, further complicating the situation for users.
The involvement of the Lazarus Group adds another layer of complexity to the case. Known for their involvement in large-scale cybercrime, the group has become notorious for laundering stolen funds through platforms like Tornado Cash. Their involvement in the WazirX breach has heightened concerns about the potential for recovery, as the group’s sophisticated laundering techniques make it difficult to trace and reclaim the stolen assets.
As WazirX continues its restructuring process, the future remains uncertain. The exchange has announced that trading will resume once creditors approve the restructuring proposal and the court gives its sanction. However, the path to recovery is fraught with challenges, particularly as the hacker continues to leverage advanced techniques to obscure the trail of the stolen funds.
The WazirX hack serves as a stark reminder of the risks associated with cryptocurrency exchanges and the importance of robust security measures. For the exchange and its users, the focus now shifts to navigating the complex legal and financial landscape in the hopes of minimizing losses and restoring confidence in the platform.
You may also like:- 8 Best Methods to Make Money with Cryptocurrency
- Brazilian Hacker Demands $3.2M in Bitcoin After Hacking 300,000 Accounts
- Bitcoin Surges to New All-Time High at $82,657 as Market Sentiment Turns Bullish
- Top 31 Common Mistakes in a Crypto Bull Market
- Popular YouTuber MrBeast Under Investigation for Alleged $23M Insider Trading Scheme
- Man Makes ₹100 Crore in 17 Days After Buying Hippo-Inspired Crypto Coin
- Why Is Binance Founder CZ Being Released Two Days Early?
- Hacker Steals $6M Through Massive Token Minting Exploit on Delta Prime
- eToro US Halts Most Crypto Trading After SEC Settlement
- CEX.IO Resumes UK Operations After Regulatory Halt