WazirX Hacker Cleans Stolen Ethereum Using Tornado Cash

A recent development in the crypto world involves hackers associated with the Indian exchange WazirX cleaning stolen Ethereum using the Tornado Cash protocol. The hackers have initiated the process of laundering the stolen Ethereum, with only 6.5 million dollars out of the 235 million dollars stolen being transferred to the decentralized mixer. This mixer enables the erasure of past traces of certain cryptocurrencies, marking the beginning of the laundering phase following the hack. The chances of WazirX recovering the assets are diminishing as the laundering process progresses.

The hack on WazirX, which occurred on July 18, 2024, resulted in the theft of 234.9 million dollars worth of various cryptocurrencies, including Shiba Inu, Ethereum, Tether, Polygon, Pepe, and Floki. Notably, approximately 100 million dollars in SHIB tokens were stolen, leading to a significant price drop for the coin. The attack impacted around 41% of the platform’s users, predominantly Indian, and represented over 45% of the total reserves reported by the exchange in June 2024. Following the hack, WazirX sought restructuring with Singapore authorities to address its liabilities, sparking discontent among its Indian user base due to the legal proceedings taking place in Singapore.

The hack is believed to be orchestrated by the North Korean hacker group Lazarus Group, as indicated by cryptographic security experts and cybersecurity professionals familiar with the incident. The hackers exploited vulnerabilities in WazirX’s security protocols, allowing them to take control of the platform and execute the theft. The stolen funds are now being laundered through Tornado Cash, with 6.5 million dollars already moved through the protocol in 16 different transactions.

Tornado Cash offers a privacy-focused platform for users to obscure the origins of their tokens by eliminating traces of past activities. Despite the ongoing laundering process, a significant portion of the stolen funds remains in the hackers’ wallets. The potential risk to the hacker’s anonymity increases as more funds are moved through Tornado Cash, given the platform’s substantial Total Value Locked (TVL). The future movements of the hackers and the potential recovery of the remaining funds remain uncertain, with legal disputes and compensation challenges complicating the situation for affected users.

The evolving situation surrounding the WazirX hack underscores the persistent threats faced by crypto exchanges and the importance of robust security measures in safeguarding users’ assets. The impact of such incidents extends beyond financial losses, affecting the trust and confidence of participants in the crypto ecosystem. As the investigation and recovery efforts continue, stakeholders in the crypto community remain vigilant against potential risks and vulnerabilities in the digital asset space.