After roughly four months of recovery efforts, WazirX, the largest crypto exchange to have operated in India, has frozen $3 million in USDT from last year’s devastating $230 million security breach in July.
This comes as WazirX undergoes “restructuring proceedings” and works to “trace and retrieve stolen assets,” a statement shared with Decrypt reads.
Freezing a portion of the stablecoins associated with the incident marks WazirX’s first significant breakthrough in a complex recovery effort that spans multiple legal proceedings across jurisdictions.
In November last year, WazirX co-founder Nischal Shetty revealed in a town hall meeting that the exchange is working on recovery efforts and has plans to reopen trading by February this year.
Recovery efforts and lawsuits
The massive security breach that took place last year in July compromised 45% of the exchange’s reserves.
Initial investigations over the weeks following the incident primarily targeted Ethereum-based ERC-20 tokens stored in hot wallets.
On August 28, 2024, the Singapore High Court granted WazirX’s parent company, Zettai Pte Ltd, a four-month moratorium to restructure its liabilities pending investigations from the breach.
On the same day, rival exchange CoinSwitch filed a lawsuit over $9.7 million in locked funds, including 28.7 crore in ERC-20 tokens and 39.9 crore in other digital assets.
By September of that year, analysts from Arkham Intelligence were able to track roughly $50 million of the stolen funds moving through Tornado Cash, with the threat actors accelerating their laundering activities through the privacy mixer in subsequent months.
The most recent and largest transfer was traced to September 25, four months ago, amounting to roughly $10 million in ETH.
The exchange followed this in October by announcing plans to disclose 240,000 wallet addresses and balances in a court affidavit, part of its transparency initiative during debt restructuring.
Denying threat actors
The crypto exchange’s update on its recovery efforts follows a joint statement from the U.S., Japan, and South Korea that was published this week. The statement attributed the attacks to the Democratic People’s Republic of Korea (DPRK, or North Korea), including the infamous Lazarus Group.
These attacks pose “a significant threat to the integrity and stability of the international financial system,” the statement reads.
The three countries claimed in the statement that it was published with the intent of denying the threat actors any revenue to be had from these exploits, for use in gaining “unlawful weapons of mass destruction and ballistic missile programs.”
The WazirX hack ranks third among the largest crypto hacks and exploits recorded in 2024, following PlayDapp’s $290 million and DMM Bitcoin‘s $308 million in losses.
Edited by Stacy Elliott.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
Source: https://decrypt.co/301538/wazirx-freezes-3-million-hack
