Mumbai, India-based cryptocurrency exchange WazirX was hacked on July 18 – leading to a loss of $235 million in crypto assets. As a result, the company had to freeze transactions immediately to prevent further breaches. On July 21, the company announced a bounty program on its blog to help recover the stolen funds.
A Singapore-based cybersecurity company Cyfirma identified that a North Korean hacker group named Lazarus carried out the theft. The stolen include $96.7 million in Shiba Inu, $52.6 million in Ether, $11 million in Matic, and $7.6 million in Pepe.
The hack by Lazarus is the largest crypto theft that happened in India and it has flipped the cryptocurrency industry in India and globally. Notably, 43 lakh Indian users had invested in cryptocurrencies through WazirX. And the stolen funds account for 45 percent of the total crypto assets that WazirX was holding.
Last week, WazirX through its Singapore-based parent company Zettai Pte Ltd filed an affidavit for a moratorium in the Singapore High Court seeking to stop and slow down proceedings against it and provide legal protection.
Now Indian crypto investors have their deposits locked in WazirX and are unable to withdraw their funds completely. Users are alleging that the three promoters of the company are trying to escape legal proceedings by forum shopping in Singapore.
Many have shared their bank account statements on social media to convey their financial situation while requesting the platform to let them withdraw from their crypto accounts.
According to the latest reports, George Gwee, a director at Aerocity, New Delhi-based restructuring firm Kroll working with WazirX, said that at least 43% of the money any customer had in WazirX is unlikely to be recovered. The best-case scenario according to Gwee is a return of 55-57 percent return of funds to WazirX users.
Jason Kardachi, Kroll’s managing director said the figures could change if a so-called white knight steps in or if the funds are recovered.
“In crypto terms, it’s extremely unlikely that we can make people whole,” Kardachi said. “So, whatever profits we generate or contributions from white knights or third parties can help improve the recovery in crypto terms. But I don’t think it’s realistic to think that we could ever make people whole when half or thereabouts of the crypto has suffered from the cyber attack.”
Kardachi also stated that WazirX users might be able to retrieve more of their investments in dollar terms if the crypto market improves.
WazirX has enabled users to withdraw their funds in two phases. The first phase was opened from 26 to 28 August, whereby the users are able to withdraw up to half of the present 66 percent of their INR limits. The second phase will allow the users to withdraw up to the full 66 percent limit of their INR balances.
On Thursday, in a message to CryptoSlate, Cyvers reported that the hacker had begun moving assets the previous day. So far, $10 million in Ethereum (ETH) has been laundered through Tornado Cash, including deposits of about $2 million in ETH. Cyvers also noted that the hacker moved approximately 5,000 ETH (valued at $12 million) to a new wallet address, “0x2…968.”
This laundering move by the hackers as WazirX announced its second withdrawal phase which was set for 9 to 22 September. But in a fresh update, the company said that the second phase will be postponed.
“Phase 2 of INR withdrawals is live ahead of schedule. We’re working tirelessly to deliver even faster results. Our objective is to be ahead of schedule for all the timelines we share. We will try our level best to make it happen.” said Nischal Shetty, Co-founder & CEO of WazirX