WazirX freezes $3 million in stolen assets from cyberattack

Cryptocurrency exchange WazirX on Friday (January 17) said it has frozen approximately $3 million USDT in stolen assets (USDT) as part of its recovery efforts following last year’s cyberattack. This marks the first successful tranche of recovered funds amid the platform’s ongoing restructuring proceedings.

"Zettai has been working in partnership with law enforcement agencies, forensic experts, investigating authorities as well as legal experts to trace and retrieve stolen assets while charting the best course of action for all of the Platform’s affected users," WazirX said in a statement.

Nischal Shetty, Founder, WazirX said, "This is just the beginning; we are fully committed to recovering the Stolen Funds, leaving no stone unturned to maximise recoveries under a Scheme. We appreciate our users' patience and support as we navigate this challenging situation together."

Also Read: CoinSwitch launches ₹600-crore recovery plan for WazirX hack victims

"Efforts to recover Stolen Assets are fully underway and moving in the right direction - between on-chain forensic work and legal avenues against third parties complicit in the Hack and subsequent dissipation, the company is well prepared to maximise the recovery of Stolen Assets for the benefit of Scheme Creditors under a Scheme," said Jason Kardachi, Managing Director and Co-Head of Global Restructuring Practice, Kroll.

The announcement follows a joint statement from the United States, South Korea, and Japan, which attributed the cyberattack to North Korean hackers.

Last year in July, WazirX, in a blog post, confirmed that the security breach that compromised one of its wallets resulted from a cyberattack. The breach resulted in a loss exceeding $230 million. The wallet, utilising Liminal’s digital asset custody and wallet infrastructure since February 2023, fell victim to sophisticated cybercriminals.

According to the platform, the attacked wallet was protected by six signatories — five from WazirX and one from Liminal. For a transaction to be approved, the approval needed to be obtained from three WazirX team members using ledger hardware wallets and final approval from Liminal. They also had a security measure to whitelist destination addresses, ensuring transactions went only to pre-approved addresses.

Also Read: WazirX puts plan to 'socialise' $230 million loss among all customers on hold after backlash: Sources

WazirX said the hackers exploited a mismatch between the data shown on Liminal’s interface and the actual transaction contents. Internal investigations suggest that the displayed information was altered to give control of the wallet to the attackers.