On July 18, 2024, WazirX, India's largest cryptocurrency exchange, suffered a devastating cyberattack that resulted in the theft of approximately $234.9 million in digital assets. The breach wiped out nearly 45% of the platform's reserves, affecting millions of users and exposing vulnerabilities in the crypto ecosystem. This article provides a detailed examination of how the hack unfolded, its impact, and the key lessons for the future of cryptocurrency security.
How the Attack Happened
The attack targeted a multisignature (multisig) Ethereum wallet managed jointly by WazirX and its custody provider, Liminal. Multisig wallets require multiple approvals (signatures) to authorize transactions, offering enhanced security. In this case, the wallet required four out of six signatures—three from WazirX and one from Liminal—to execute transactions. Despite these safeguards, hackers executed a sophisticated attack:
- Smart Contract Manipulation: The attackers tricked WazirX and Liminal signatories into approving a malicious smart contract update. This altered the wallet's control, allowing the hacker to bypass the multisig security and drain the wallet.
- Preparation and Execution: Blockchain analysis revealed the hacker prepared for eight days, funding their operations via Tornado Cash, a decentralized cryptocurrency mixer, on July 10, 2024. On July 18, they drained $234.9 million, including $97 million in Shiba Inu (SHIB) and $53 million in Ethereum (ETH).
- Laundering the Funds: Post-attack, the hacker converted most stolen assets into Ether (ETH) and funneled them through Tornado Cash, obscuring their trail. By September 2024, only $6 million in traceable ETH remained.
The attack's precision and scale point to the North Korean Lazarus Group, a state-sponsored hacking collective known for targeting crypto exchanges. Their involvement complicates recovery efforts, as they rarely negotiate or face legal accountability.
Fallout and Impact
The hack sent shockwaves through WazirX's 15 million users, primarily in India, where crypto adoption has been growing. Key impacts include:
- User Funds Frozen: WazirX immediately suspended all trading and withdrawals, locking users out of their assets. The exchange proposed a controversial "socialized loss" recovery plan, which would distribute the losses proportionally among users, sparking widespread outrage.
- Increased Regulatory Scrutiny: The attack triggered emergency meetings among Indian regulators, who have long debated crypto policy. India's lack of a clear regulatory framework left users with little legal recourse. The incident is likely to accelerate the push for stricter regulations.
- Legal and Financial Restructuring: WazirX filed for a restructuring moratorium in Singapore, which was approved by a court in January 2025. The plan aims to resume trading by February 2025, but user compensation will be capped at asset values as of July 18, 2024—ignoring subsequent price surges (e.g., Shiba Inu's value rose from $102 million to $173 million). This has fueled investor anger, especially among Bitcoin holders unaffected by the hack.
Key Lessons Learned
The WazirX hack underscores critical vulnerabilities in the crypto industry:
- Centralized Risks: Storing 50% of reserves in one wallet amplified the damage. Experts recommend distributing assets across multiple wallets to mitigate risk.
- Smart Contract Security: The attack exploited human error in approving a malicious contract. Rigorous auditing and decentralized custody solutions could prevent similar breaches.
- Regulatory Gaps: India's unregulated crypto sector left users with limited recourse. Industry experts urge frameworks to protect investors and enforce accountability.
- User Awareness: Phishing and social engineering played a role in the hack. Users must verify transactions and avoid suspicious links or domains mimicking legitimate platforms.
What's Next for WazirX and the Industry
WazirX is navigating a complex recovery process. The Singapore court's approval of its restructuring plan in January 2025 offers hope, with plans to resume trading by February 2025. However, challenges remain:
- Fund Recovery: The use of Tornado Cash makes tracing stolen funds nearly impossible. Only $3 million has been frozen, and North Korean involvement dims prospects for further recovery.
- User Compensation: The controversial compensation cap has damaged trust. Many users feel betrayed, and the exchange faces potential lawsuits.
- Industry Impact: The hack may trigger stricter regulations in India, potentially stifling crypto growth. Centralized exchanges face scrutiny, pushing users toward decentralized finance (DeFi) alternatives.
For crypto investors, the WazirX hack is a stark reminder to prioritize security: use hardware wallets for offline storage, diversify holdings across platforms and wallets, enable two-factor authentication (2FA), and stay informed about platform security practices and regulatory developments.
The WazirX hack exposed the fragility of centralized exchanges and the urgent need for robust security and regulation. As the crypto market grows, exchanges and users must adapt to safeguard assets in an increasingly complex digital landscape.

