ARTICLE AD
During the restoration, trading, and withdrawal functions will remain suspended to facilitate a smooth and accurate process.
On August 8, 2024, WazirX announced that it is beginning the process of restoring user account balances following a cyberattack on July 18.
This measure aims to address the disruptions caused by the massive security breach.
Restoration Process
In response to the July 18 cyberattack, WazirX has rolled out a detailed restoration plan to address the issues faced by its users and ensure fair treatment across the platform.
Firstly, all trades conducted after 1 PM IST on the day of the attack will be reversed. This means any cryptocurrency or INR transactions made after this time will be undone, restoring users’ portfolios to their state before the cyberattack began. The platform aims to remove the impact of the compromised trades and correct any discrepancies in account balances.
Alongside this, WazirX will also reverse any fees and referral bonuses linked to the trades executed between July 18 and July 21. This includes refunds for trading fees and referral incentives earned during the affected period. Users will also see credits for any tax deductions associated with these transactions.
Deposits made within the compromised timeframe will be reviewed and addressed in forthcoming updates. Trades conducted during this period will be canceled, and affected users will be informed through detailed email notifications outlining the specific trades and adjustments made to their accounts.
📢 Important Update:
We are actively listening to your feedback and taking decisive action to address your concerns! After careful consideration of the situation and the feedback received from numerous users, we are constrained to restore the balances of all accounts and undo… pic.twitter.com/Bmp6GqvPfr
— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) August 8, 2024
During the restoration, trading, and withdrawal functions will remain suspended to facilitate a smooth and accurate process. This temporary pause is crucial for implementing the corrections and safeguarding against further disruptions.
Background of WazirX Hack
WazirX’s hack led to a loss of about $230 million from its platform. This attack, one of the largest in recent history, involved significant breaches of WazirX’s multi-signature wallet. The wallets had six signatories, one from the multi-party computation (MPC) wallet provider Liminal, and five from WazirX.
According to an official report released by Liminal, the hack did not result from flaws in its user interface, as earlier claimed by WazirX, but from compromised WazirX devices. Liminal stated that its multi-signature wallet was designed to provide an additional signature if WazirX provided the required three. Consequently, the attacker needed to compromise only three devices to execute the attack.
In this situation, WazirX’s devices initiated a valid transaction, and Liminal’s server gave a “safeTxHash” to confirm it. However, the attacker swapped this hash with an invalid one, causing the transaction to fail. The attacker then used signatures from other transactions to approve a new one, which was successfully processed on the Ethereum network.
The WazirX hack highlights a growing issue in the cryptocurrency world, where security breaches are becoming more frequent, stressing the need for better security measures and caution.