On July 18, 2024, WazirX, India's largest cryptocurrency exchange, suffered a devastating cyberattack that resulted in the theft of approximately $234.9 million in digital assets. This breach, one of the largest in crypto history, wiped out nearly 45% of the platform's reserves, affecting millions of users and exposing vulnerabilities in the crypto ecosystem. This article dives into how the hack unfolded, its impact, and what it means for the future of cryptocurrency security.
How the Hack Happened: Exploiting a Multisig Wallet
The attack targeted a multisignature (multisig) Ethereum wallet jointly managed by WazirX and its custody provider, Liminal. Multisig wallets require multiple approvals to authorize transactions, offering enhanced security. In WazirX's case, the wallet needed four out of six signatures—three from WazirX and one from Liminal—to execute transactions. Despite these safeguards, hackers executed a sophisticated attack: they tricked WazirX and Liminal signatories into approving a malicious smart contract update. This altered the wallet's control, allowing the hacker to bypass the multisig security and drain the wallet.
Blockchain analysis revealed the hacker prepared for eight days, funding their operations via Tornado Cash, a decentralized cryptocurrency mixer, on July 10, 2024. On July 18, they drained $234.9 million, including $97 million in Shiba Inu (SHIB) and $53 million in Ethereum (ETH). Post-attack, the hacker converted most stolen assets into Ether (ETH) and funneled them through Tornado Cash, obscuring their trail. By September 2024, only $6 million in traceable ETH remained. The attack's precision and scale point to the North Korean Lazarus Group, a state-sponsored hacking collective known for targeting crypto exchanges. Their involvement complicates recovery efforts, as they rarely negotiate or face legal accountability.
Fallout: Frozen Funds and Compensation Controversy
The hack sent shockwaves through WazirX's 15 million users, primarily in India, where crypto adoption has been growing. The platform immediately suspended all withdrawals and trading, locking user funds. WazirX proposed a controversial "socialized loss" recovery plan, attempting to distribute the losses across all users, which sparked massive backlash. Under regulatory pressure, WazirX turned to Singapore's courts for legal protection. In January 2025, a Singapore court approved its restructuring plan, allowing WazirX to resume trading by February 2025. The exchange also launched a $23 million bounty program and managed to freeze $3 million in stolen assets. However, the compensation plan remains contentious: WazirX decided to cap claims at July 18 valuation, ignoring subsequent price surges (e.g., Shiba Inu's value rose from $102 million to $173 million). This has fueled investor anger, especially among Bitcoin holders unaffected by the hack.
Lessons Learned from the WazirX Hack
The WazirX hack underscores critical vulnerabilities in the crypto industry. Centralized Risks: Storing 50% of reserves in one wallet amplified the damage. Experts recommend distributing assets across multiple wallets to mitigate risk. Smart Contract Security: The attack exploited human error in approving a malicious contract. Rigorous auditing and decentralized custody solutions could prevent similar breaches. Regulatory Gaps: India's unregulated crypto sector left users with limited recourse. Industry experts urge frameworks to protect investors and enforce accountability. User Awareness: Phishing and social engineering played a role in the hack. Users must verify transactions and avoid suspicious links or domains mimicking legitimate platforms.
What's Next for WazirX and the Industry
WazirX is navigating a complex recovery process. The Singapore court's approval of its restructuring plan offers hope, but challenges remain. Fund recovery is nearly impossible due to the use of Tornado Cash and North Korean involvement. Only $3 million has been frozen. User compensation disputes continue to fuel distrust. The hack may trigger stricter regulations in India, potentially stifling crypto growth. Centralized exchanges face scrutiny, pushing users toward decentralized finance (DeFi) alternatives. For investors, this event is a stark reminder to prioritize security: use hardware wallets for offline storage, diversify holdings across platforms and wallets, enable two-factor authentication (2FA), and stay informed about platform security practices. As the crypto market grows, exchanges and users must adapt to safeguard assets in an increasingly complex digital landscape.

