WazirX, the Indian cryptocurrency exchange, announced on August 23 that it will resume Indian Rupee (INR) withdrawals in phases beginning August 26, following a significant cyberattack that occurred on July 18, resulting in the theft of over $230 million.
Impact of the Cyberattack
The cyberattack forced WazirX to suspend all cryptocurrency and INR withdrawals as the team worked to address the incident and mitigate its consequences. The attack severely impacted the exchange's operations, leading to a halt in trading activities.
In response, WazirX is implementing a Singapore Scheme of Arrangement. This legal process is designed to facilitate a fair and user-approved distribution of the remaining cryptocurrency assets, addressing both compliance and user involvement in the recovery process.
WazirX clarified that due to a substantial loss of ERC-20 tokens, the exchange was unable to fully meet its cryptocurrency liabilities, which further necessitated this restructuring approach.
Withdrawal Resumption Plan
Starting August 26, WazirX plans to gradually lift the suspension of INR withdrawals in two stages. Users will be able to access up to 66% of their INR balances as follows:
- Phase 1: From August 26 to September 8, users can withdraw up to 33% of their INR balances.
- Phase 2: From September 9 to September 22, users will be able to withdraw the full 66%.
To assist users during this transition, WazirX has reduced withdrawal fees by 60%, lowering them from INR 25 to INR 10.
WazirX expressed regret over the disruption caused by the cyberattack, acknowledging the difficulties faced by its users, and emphasized the importance of user feedback and participation in future decision-making processes.
Investigation and Security Measures
The cyberattack, which resulted in the theft of approximately $234.9 million, was first identified by Web3 security firm Cyvers, which detected irregular transactions linked to WazirX’s Safe Multisig wallet on Ethereum. In response to the breach, WazirX took immediate steps to secure remaining assets and suspended withdrawals temporarily.
The exchange has been focused on restoring user trust and enhancing security protocols since the incident. Efforts include migrating assets from Liminal, a digital asset custody firm, to new multisignature wallets, which require multiple authorizations for transaction validation. WazirX's multisig wallet was held by six authorized signers: one from Liminal and five from WazirX.
Adding complexity to the situation, the hacker reportedly converted nearly $150 million in stolen altcoins into Ether, likely attempting to evade fund freezing or blacklisting measures.
To help users better understand their asset statuses, WazirX conducted maintenance on August 16, during which they reversed all trades executed after the withdrawal halt began on July 18. While users can now view their funds, WazirX has yet to provide a definitive timeline for complete withdrawals' resumption.
The exchange's initial proposal for a loss-sharing model of 55/45 has led to increased frustration among investors, who are demanding more immediate action and clarity regarding the ongoing situation.
