India’s leading cryptocurrency exchange, WazirX, suffered a significant security breach on 18 July 2024, with hackers stealing an estimated $235 million worth of digital assets. The attackers targeted WazirX’s Safe Multisig wallet on the Ethereum blockchain, compromising its security and enabling unauthorized transfers.

Web3 security firm Cyvers first flagged the incident, detecting “multiple suspicious transactions” involving the compromised wallet. Further investigation revealed that roughly $234.9 million had been moved to a new address, with each transaction originating from an account utilizing Tornado Cash, a service designed to anonymize cryptocurrency transactions.

What Was Stolen?

Analysis of the stolen funds indicates a diverse mix of cryptocurrencies. The largest portion, valued at around $100 million, comprised Shiba Inu (SHIB), a popular memecoin. Additionally, hackers stole significant amounts of Ethereum (ETH) worth approximately $52 million and Polygon’s MATIC token valued at $11 million. Other affected tokens included Floki Inu (FLOKI), Fantom (FTM), Chainlink (LINK), and Fetch.ai (FET), alongside smaller quantities of various other cryptocurrencies.

WazirX Responds to the Breach

WazirX reacted swiftly to the attack by suspending all cryptocurrency and Indian rupee withdrawals on the platform. In a statement on their social media channel, the exchange’s team acknowledged the incident and confirmed they are “actively investigating” the matter. They pledged to provide further updates as the situation develops.

Uncertain Recovery Efforts

Bitcoin Minting team attempted to reach out to WazirX for comment regarding user fund security and potential strategies for recovering the stolen assets. However, as of now, the exchange hasn’t provided a response, leaving users concerned about their holdings.

Regulatory Landscape in India Remains Unclear

This attack underscores the ongoing challenges associated with cryptocurrency regulations in India. In March 2024, the Financial Intelligence Unit (FIU) of the Indian government issued notices demanding several foreign cryptocurrency exchanges, including OKX, to cease operations within the country. This incident further intensifies the need for clear and well-defined regulations to govern the Indian crypto market.

With investigations underway and millions of dollars stolen, the WazirX hack serves as a stark reminder of the vulnerabilities within the cryptocurrency industry. The lack of regulatory clarity in India also poses an additional hurdle for investors and exchanges alike. As the situation unfolds, it will be crucial for WazirX to regain user trust and implement robust security measures to prevent similar attacks in the future.