ndian cryptocurrency exchange WazirX, announced this week that it will reverse a recent hack that drained $230 million worth of crypto from user accounts.
On July 18th, WazirX was hit by what they described as a "cyberattack" that enabled hackers to drain user balances and execute unauthorized trades. The breach led WazirX to halt all trading and withdrawals on the platform.
After over two weeks of investigations, WazirX has decided to take the extraordinary step of fully restoring all user balances to pre-hack levels. The exchange will revert every trade executed between 1 PM Indian time on July 18th to July 21st, returning any stolen funds back to their original owners.
A Surprising But Welcome Decision
The decision came as a surprise to many in the crypto industry. Most exchanges lack the reserves to reimburse users after major hacks of this kind.
But after receiving extensive user feedback, WazirX concluded that restoring balances was necessary to maintain trust and integrity with its customers.
The reversals will unfold over the next few days. WazirX will notify all impacted users via email with details on which trades and transfers are being canceled. Any trading fees, referrals, and taxes (such as TDS) associated with the fraudulent transactions will also be credited back to user accounts.
What This Means For WazirX Users
Essentially, users who lost crypto or had their balances drained by the hackers will soon see their original assets returned to their WazirX wallets. And users who deposited money or crypto during the hack timeline will have trades tied to those deposits reversed. Fiat/INR deposits will be addressed separately in a future announcement.
For now, trading and withdrawals remain suspended on WazirX as the exchange works to completely unwind the hack.
WazirX has emphasized that they are listening closely to user feedback and seeking to rebuild trust after the platform was exploited. However, many customers remain skeptical of leaving assets on the exchange given the magnitude of the cyberattack.
Ongoing Investigations
Parallel investigations continue into how the WazirX hack occurred in the first place.
While the exchange has not released details, they confirmed the attack did not originate from a breach of WazirX's own servers. This indicates hackers likely compromised a third-party system connected to WazirX instead.
Leading theories point to a vulnerability in Liminal—the custody provider used by WazirX. Over $260 million flowed through Liminal hot wallets during the timeframe of the hack.
But Liminal has denied any failure of its security systems.
For now, WazirX is focused on restoring user assets rapidly. But full details on how one of India's largest exchanges was plundered for nearly a quarter billion dollars continues to remain a mystery.
