Key Insights:
- WazirX lost $230 million in a hack, prompting suspicions of insider involvement and security system failures.
- Justice for WazirX Users claims discrepancies in security, suggesting collusion between exchange personnel and hackers.
- Investigations show no system breach, raising concerns about internal help and mismanagement of users’ funds.
The cryptocurrency industry continues to face relentless cyberattacks, with hackers targeting digital exchanges to steal millions. In July, WazirX, one of India’s leading cryptocurrency exchanges, suffered a significant breach, resulting in the loss of $230 million worth of ETH tokens. The company’s handling of the situation, combined with emerging allegations of foul play, has cast a cloud of suspicion over the event.
Delays and Disputes Fuel Speculation
Following the breach, WazirX has been criticized for its slow response in reopening withdrawals and its ongoing public feud with its custody provider, Liminal. Nearly two months after the incident, some users now suggest that the hack could have been orchestrated from within the company itself. The X account “Justice for WazirX Users” (JfWU) has led the charge, raising concerns about unusual activities preceding the hack.
Concerns Over Security Failures
JfWU has pointed to multiple irregularities within WazirX’s internal security systems, claiming that several fail-safes were bypassed in the lead-up to the hack. According to the group, these discrepancies suggest possible insider involvement, further complicating the company’s recovery efforts.
The hacker reportedly opened a WazirX account using fake KYC details and traded cryptocurrency for GALA tokens. On July 18, they began withdrawing the tokens, draining WazirX’s hot wallet and forcing the company to move GALA tokens from cold storage, managed by Liminal, to replenish it. This transfer attempt allowed the hacker to inject malicious code, leading to multiple failed transactions by key personnel and exposing their signatures.
Allegations of Insider Help
With the signatures obtained, the hacker was able to upgrade the cold storage wallet’s smart contract, ultimately gaining control of the funds. Crystal Intelligence, a forensic analysis firm, confirmed that the laptops of key personnel involved were not compromised. Moreover, an independent audit by Grant Thornton found no breach in Liminal’s system, intensifying suspicions that the hack involved internal collusion.
JfWU has raised concerns about WazirX’s decision to store nearly half of its users’ funds in a single cold storage wallet, questioning the security protocols that allowed such a large concentration of assets in one place. They also noted that targeting GALA tokens specifically points to the possibility of insider knowledge, making it difficult for an outsider to execute the hack without help from within.
Calls for Further Investigation
In response to these allegations, JfWU has urged users affected by the hack to file criminal complaints with the authorities, hoping to push the Central Bureau of Investigation (CBI) to launch an official inquiry. The group’s growing influence is putting additional pressure on WazirX to provide transparency regarding the breach and its internal investigation efforts.
The WazirX hack has left many unanswered questions, with both the exchange and Liminal under scrutiny. While investigations continue, affected users are still waiting for clarity and compensation for their lost funds.
Personal Note From MEXC Team
Check out our MEXC trading page and find out what we have to offer! There are also a ton of interesting articles to get you up to speed with the crypto world. Lastly, join our MEXC Creators project and share your opinion about everything crypto! Happy trading! Learn about interoperability now!
Join MEXC and Start Trading Today!