What is WazirX Hack 2024

On July 18, 2024, WazirX — India's largest cryptocurrency exchange — suffered one of the biggest crypto hacks in history. Approximately $234.9 million (around ₹2,000 crore) was stolen from the exchange's multi-signature cold wallet, affecting millions of Indian retail crypto users and triggering a major crisis in India's crypto industry. HOW THE HACK OCCURRED WazirX used a Gnosis Safe multi-signature wallet for its largest fund holdings — requiring 4 of 6 keyholders to sign any transaction. The hack exploited the signing process: Social engineering: Hackers (subsequently attributed to North Korea's Lazarus Group by multiple blockchain intelligence firms) targeted individual WazirX keyholders. Transaction simulation manipulation: The attackers used a sophisticated method — legitimate-looking transactions were presented to Gnosis Safe signers for approval. The payload shown in the Gnosis Safe interface appeared to be a normal transaction, but the actual smart contract interaction was malicious (an upgrade to a malicious implementation contract). Four keyholders approved what they believed was a routine operation. The malicious upgrade gave attackers control of the wallet, draining $234.9M in ETH, SHIB, MATIC, and other tokens within minutes. WHAT HAPPENED TO USER FUNDS WazirX suspended all INR and crypto withdrawals on July 18, 2024. Indian users were unable to access their funds — some for months. WazirX's parent (Zanmai Labs) entered Singapore restructuring proceedings, seeking a moratorium on creditor claims. The restructuring plan proposed a 55% immediate return of assets and conversion of remaining 45% into "recovery tokens" redeemable over time. The Binance relationship (Binance had acquired WazirX in 2019) became contentious — both parties disputed who was responsible for the funds. KEY SAFETY LESSONS Do not keep large long-term holdings on any centralised exchange. Use self-custodial wallets for significant holdings. Diversify across multiple exchanges if exchange holdings are necessary. The hack demonstrated that even multi-signature wallets with reputable custodians can be compromised through social engineering. Indian regulatory bodies subsequently intensified oversight of VASP cybersecurity requirements.

Terms in addition to the WazirX Hack 2024

Blockchain

A blockchain is a subset of a distributed database. The Bitcoin inventors originally prototyped the system in 2008. This modern database is made up of separate blocks that are connected together in a chronological chain. Blockchains may be used to store a wide range of data types. It has mostly been utilized as a public ledger for bitcoin transactions to date. A peer-to-peer network comprised of independent nodes uses a consensus process to ensure the blockchain's security and legitimacy. Each node in the network keeps a public and immutable copy of the data.

2 Factor Authentication (2FA)

2 Factor Authentication is a security measure with two layers. It is used by the majority of cryptocurrency exchanges. To log in, you must provide not only a password, but also a code obtained, for example, from the Google authenticator.

Airdrop

An airdrop is a method of distributing coins. End users can typically obtain coins for free or in exchange for doing a small task, such as subscribing to a newsletter, sending a tweet, or inviting others via a personal affiliate link. Cryptocurrency airdrops — the act of depositing cryptocurrency into public crypto wallets — are utilized as a marketing, liquidity creation, and network bootstrapping technique for many different types of blockchain initiatives.

Altcoin

Altcoin - "alternative coin" - is any kind of digital currency other than Bitcoin. Since the launch of Bitcoin, the world's first digital currency, many altcoins (as well as supporting blockchains) have been created. Altcoin digital currencies share many similarities to Bitcoin, but consistently and have significant differences. There are about 20,000 altcoins, and this number is expected to grow significantly in the coming years. Altcoins often develop Bitcoin features. Ethereum, currently the most widely used blockchain, supports digital contracts and separate applications where Bitcoin does not. Altcoins are also often created to cater to the needs of different users. The Litecoin blockchain, for example, can process payments quarterly for the duration of Bitcoin.

Cold Storage

Cold storage is the way to store cryptocurrency offline. The word refers to the use of offline wallets that are not connected to the internet. Cold storage is the most secure way to keep cryptocurrencies since an offline currency becomes less likely to be hacked and stolen. Paper wallets, printed renditions of private keys, and offline hardware and software wallets are all examples of cold storage.