The hacker responsible for stealing over $230 million from Indian crypto exchange WazirX has started moving the stolen funds. Early Tuesday, the attacker initiated a series of transactions through Tornado Cash, a service that allows users to mask wallet addresses across various blockchains. This development complicates the recovery process by making the stolen funds much harder to trace.
Tornado Cash: A Tool for Obfuscating Transactions
Tornado Cash isn’t inherently malicious. It is a tool that enables users to exchange tokens while keeping their wallet addresses private, and cybercriminals often use its anonymity features to cover their tracks. The attacker moved nearly $4 million worth of ether (ETH) through 16 transactions on the Ethereum network, routing the funds through Tornado Cash. According to data tracked by Arkham, the address involved in the WazirX hack holds over $155 million in various tokens, most of it in ether. Previously, this address had not moved any funds to Tornado Cash.
Details of the WazirX Hack
In July, a security breach in one of WazirX’s multisig wallets led to the theft of over $100 million in Shiba Inu (SHIB) and $52 million in ether, along with other assets. These stolen funds represented over 45% of the total reserves WazirX reported in June 2024. As a result, the exchange has initiated a restructuring process to manage liabilities. Unfortunately, customers are unlikely to receive full compensation in crypto terms. Legal advisers suggest they might recover only 55% to 57% of their funds.
Speculation Surrounding the Hackers
There is growing speculation that the infamous North Korean hacking unit, Lazarus, might be behind the WazirX hack. This group has a notorious history in the crypto space. Estimates suggest the group laundered over $1 billion in stolen funds through Tornado Cash before the Office of Foreign Assets Control (OFAC) imposed sanctions on the service in 2022. If Lazarus is indeed involved, it would complicate efforts to recover the stolen assets even further.
Impact on WazirX and the Broader Crypto Market
The WazirX hack is one of the most significant breaches in recent memory, not only due to the amount of funds stolen but also because of the implications for the broader cryptocurrency market. The use of Tornado Cash to hide the movement of stolen funds highlights ongoing security challenges for crypto exchanges. Moreover, the possibility of a well-organized hacking group like Lazarus being involved underscores the need for stronger security measures.
For WazirX, the road to recovery will undoubtedly be long. The exchange’s reputation has taken a significant hit, and restoring customer trust will require considerable effort. The ongoing restructuring process will be critical in determining the exchange’s future, and the reduced likelihood of customers being fully compensated could have lasting consequences.
Conclusion: The WazirX Hack and the Future of Crypto Security
The WazirX hack serves as a stark reminder of the vulnerabilities in the crypto ecosystem. As the stolen funds move through tools like Tornado Cash, the challenges of recovering them grow more complex. WazirX must now focus on navigating the restructuring process and regaining user trust. Ultimately, this incident underscores the urgent need for better security protocols across the crypto industry.