Altcoins Talks - Cryptocurrency Forum
Learning & News => News related to Crypto => Topic started by: ABCbits on July 19, 2024, 12:45:03 PM
-
WazirX Hacked for $230M, Largely in SHIB, as Elliptic Says North Korea Behind Attack
Indian crypto exchange WazirX saw over $230 million in withdrawals in early European hours on Thursday as a security breach affected one of its wallets, causing the loss of user funds.
"We're aware that one of our multisig wallets has experienced a security breach. Our team is actively investigating the incident," the exchange confirmed in an X post. "To ensure the safety of your assets, INR and crypto withdrawals will be temporarily paused."... Read more here (https://www.coindesk.com/business/2024/07/18/crypto-exchange-wazirx-sees-230m-in-suspicious-withdrawals-largely-100m-in-shib-token/).
It's only been about 2 months since DMM exchange got hacked with $230m loss over $300m loss. Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
-
It's only been about 2 months since DMM exchange got hacked with $230m loss. Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
I do not think that the reason is popularity, but rather a technical problem in one of the multi-signature wallets which was contain SHIBA.
Some statistics indicated that the amount is approximately equal to over 45% of the total reserves, and that about 23% of it is in Shiba Inu currency, and I do not know how a platform can invest all these amounts in Shiba Inu.
Hacking a multi-signature wallet indicates a complete technical failure.
-
Hacking a multi-signature wallet indicates a complete technical failure.
I do not think it is technical failure than the exchange failure. It could be 2-of-2 multisig which can make the hacker to make 2 times effort with the help of an insider or some insiders. Exchanges needs to hire better organizations that can help in security.
-
~
Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
It's probably just a coincidence but that's a lot of SHIB stored on their wallet.
~
Exchanges needs to hire better organizations that can help in security.
Yeah, also make the effort to ensure that they are not compromised. I'm reminded of the two consultants hired by our local exchange that exploited the platform and took 12.2 Million XRP
-
My big question, why North Korea? Does that country really have such dangerous intelligence resources? Or are such actions facilitated by their government? Everywhere I have read stories about the country's dictatorship and very limited state facilities which conclude that it is impossible for hackers to come from the civilian population.
-
It's only been about 2 months since DMM exchange got hacked with $230m loss. Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
I am not sure why hackers chose SHIB as their main point interest...but there is no question that anybody can sell the same in different exchanges not unless of course WazirX will be able to successfully ask exchanges to froze the said movement. On this hack, I am sad to hear that there is another platform victimized by the hacking powerhouse from North Korea. Seems to me that hacking has been a very profitable enterprise by people based in North Korea and I am sure that their government is very much behind the scene and can even be the capitalist of the said venture. I still don't understand how come good hackers can be 3 steps ahead in encroaching into the security portal of different crypto platforms...taking away millions of dollars worth of digital assets away from them. Sad to see I don't see any long-term solution to this big problem in the crypto industry so I am sure that a month from now we can read the same kind of news again.
-
My big question, why North Korea? Does that country really have such dangerous intelligence resources? Or are such actions facilitated by their government? Everywhere I have read stories about the country's dictatorship and very limited state facilities which conclude that it is impossible for hackers to come from the civilian population.
If you'd search for some articles and videos about them hacking large companies, they're proven to be doing this. IIRC, there was this Lazarus named group from there, I am not sure if they're government backed or not but most likely they are since it is a hermit kingdom that everything is controlled by its government. And in the past, two years ago, they've hacked Sky Mavis' ronin network.
-
I noticed that hackers attacks related to Bitcoin have become fewer and that hackers have moved to altcoins.
My big question, why North Korea? Does that country really have such dangerous intelligence resources? Or are such actions facilitated by their government? Everywhere I have read stories about the country's dictatorship and very limited state facilities which conclude that it is impossible for hackers to come from the civilian population.
Some of the cyberattacks related to cryptocurrencies have been attributed to APT38, an office in North Korea that claims to launder cryptocurrencies for the government.
-
Hacking a multi-signature wallet indicates a complete technical failure.
If the employees are storing the keys in emails or they are sending it to each other via telegram or WhatsApp when it's needed then you can have 100 sigs and it won't help you.
The cyber attack stemmed from a discrepancy between the data displayed on Liminal's interface and the transaction's actual contents. During the cyber attack, there was a mismatch between the information displayed on Liminal’s interface and what was actually signed. We suspect the payload was replaced to transfer wallet control to an attacker.
So they basically signed a black check!
What kind of security is that when you can't even be sure what you agree with as it's presented by a 3rd party and you can't check the data for accuracy?
-
My big question, why North Korea? Does that country really have such dangerous intelligence resources? Or are such actions facilitated by their government? Everywhere I have read stories about the country's dictatorship and very limited state facilities which conclude that it is impossible for hackers to come from the civilian population.
It is not related to intelligence resources, but to hacking and electronic piracy skills. Most of the accusations indicate that the Lazarus group is behind most of the hacks that occurred. The reason seems to be that they have great experience in the field of hacking and searching for vulnerabilities, and it also appears that they are supported by the government.
I think the main reason why most of the hacking comes from North Korea is that it is outside international law and from there they can work freely without fear of legal prosecution because North Korea does not abide by any international laws.
-
I do not think it is technical failure than the exchange failure. It could be 2-of-2 multisig which can make the hacker to make 2 times effort with the help of an insider or some insiders. Exchanges needs to hire better organizations that can help in security.
It is both a security failure and an operational failure.
Security failure because the hackers should not have been able to get both of the signing keys for the wallet.
Operational failure because they do not have enough funds to swallow the loss, now they've actually paused withdrawals because they don't have any profits to cover the ones stolen from the hack, so now users will suffer. Binance and the other large exchanges have a large stash of assets stored a way so that if the hot wallet is drained, they can replenish it from the stash and no user funds are lost. But this exchange looks like it's going to be in big trouble or insolvent now if they don't find new capital.
-
It could not have been done without an internal support. A multi signature wallet getting hacked is shows there was a technical issue which can be only known by an employee. I am more interested to know what course of action the exchange and Indian government will take. The government already has made it hell for the Indian crypto community with thier ridiculous tax system. After this hack the struggling Indian exchanges would lose more volumes.
-
Historically, North Korea has been the crux of crypto exchanges, in the beginning though it was all South Korean attack but now it seems that they are targeting all crypto exchanges that have vulnerabilities.
Question though, Indian are taxing crypto right? Will it happen that the government are going to pay or are they liable to pay as per law? Maybe we can argue that since we are paying tax, somewhat they could held accountable as well?
-
Hacking a multi-signature wallet indicates a complete technical failure.
I do not think it is technical failure than the exchange failure. It could be 2-of-2 multisig which can make the hacker to make 2 times effort with the help of an insider or some insiders. Exchanges needs to hire better organizations that can help in security.
2-of-2 multisig is the worst type of multi-signature wallet, and if this is the setup of the #DevelopmentTeam , it is a complete failure of the system.
Hacking a multi-signature wallet indicates a complete technical failure.
If the employees are storing the keys in emails or they are sending it to each other via telegram or WhatsApp when it's needed then you can have 100 sigs and it won't help you.
If they were, then why were they paid? it led to the loss of millions of dollars. If this is how they deal with customers’ money, then the customers’ data must have been hacked.
-
Hacking a multi-signature wallet indicates a complete technical failure.
I do not think it is technical failure than the exchange failure. It could be 2-of-2 multisig which can make the hacker to make 2 times effort with the help of an insider or some insiders. Exchanges needs to hire better organizations that can help in security.
This insider help definitely plays a role if that's the case, because an exchange should have accurate security and if something happens it should be alert and not lose too much,
-
~
Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
It's probably just a coincidence but that's a lot of SHIB stored on their wallet.
But the news also state these.
The exploiter is actively selling the stolen tokens, including $100 million worth of shiba inu
The stolen funds account for over 45% of the exchange's $500 million holdings, which it disclosed in a June report.
So if i understand it right, 20% of their holding consists of SHIB.
-
Question though, Indian are taxing crypto right? Will it happen that the government are going to pay or are they liable to pay as per law? Maybe we can argue that since we are paying tax, somewhat they could held accountable as well?
You're also paying property tax you're paying VAT, is the government paying you back when your laptop gets stolen or your account is drained by someone? That's what insurance is for, and that's why FDIC is for but have you seen any exchange actually insuring funds?
If they were, then why were they paid? it led to the loss of millions of dollars. If this is how they deal with customers’ money, then the customers’ data must have been hacked.
Remember when FTX which a billion company didn't even have proper accounting and much of the meetings involved partying and smoking pot?
-
It's only been about 2 months since DMM exchange got hacked with $230m loss. Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
What a coincidence that DMM also lost $230 M and Wazirx also lost the same amount. And also in the form of Shib mostly but they also lost in other types of funds as well. It is sad that the users have to bear the loss now because I read a news where they said, the funds of customers are at risk and AFAI remember, the WazirX exchange has been hacked before.
And I don't know if people would be using this exchange anymore, especially Indians, because the world and old users from India understand that the WazirX exchange is not a reliable exchange anymore after the last hack and there were several controversies about it as well. In short, it is sad that NK is causing that much loss to the crypto industry.
-
It's only been about 2 months since DMM exchange got hacked with $230m loss. Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
What a coincidence that DMM also lost $230 M and Wazirx also lost the same amount.
I just noticed i stated wrong amount. The correct amount for DMM hack was over $300m. Anyway, my point are both exchange hacked within short interval and both of them had similar amount of losses.
-
-snip-
And I don't know if people would be using this exchange anymore, especially Indians, because the world and old users from India understand that the WazirX exchange is not a reliable exchange anymore after the last hack and there were several controversies about it as well. In short, it is sad that NK is causing that much loss to the crypto industry.
What is certain is that the number of users will decrease and many will move to larger exchanges that better guarantee the security of their investments. if there was also a controversial problem before, then it is only necessary to see Wazirx go bankrupt slowly.
WazirX mentioned that "many exchanges" are "cooperating" with them and explained immediate plans that include "tracking stolen funds, recovering customer assets, and conducting a more in-depth analysis of the cyberattack
-
-snip-
And I don't know if people would be using this exchange anymore, especially Indians, because the world and old users from India understand that the WazirX exchange is not a reliable exchange anymore after the last hack and there were several controversies about it as well. In short, it is sad that NK is causing that much loss to the crypto industry.
What is certain is that the number of users will decrease and many will move to larger exchanges that better guarantee the security of their investments. if there was also a controversial problem before, then it is only necessary to see Wazirx go bankrupt slowly.
WazirX mentioned that "many exchanges" are "cooperating" with them and explained immediate plans that include "tracking stolen funds, recovering customer assets, and conducting a more in-depth analysis of the cyberattack
unless they can refund the users of their loss. when binance was hacked and they make it appear like they re refunding the users, it gave the users satisfaction like the exchange is secure since they can refund however large the amount was lost.users never left. but its cool to see there are exchanges cooperating with them and most likely going to freeze the tokens when its going inside their exchange.
if they can cooperate with each other, i don't see any reason why binance and coinbase and other exchanges cooperating as well.
-
So they're kind of *******
https://x.com/NischalShetty/status/1815684469296144807
We’re figuring various directions that can possibly help enable the platform deposits/withdrawals/trading.
~
1. The impact of the over $230M cyber attack is on the digital assets of our customers
Yeah, he definitely needed to clear that up, it was customers's funds, but he managed to commit it was customer funds in their keeping which they would normally be liable for.
As for the complete suspension, anyone with an account there, is the entire site frozen?
-
unless they can refund the users of their loss. when binance was hacked and they make it appear like they re refunding the users, it gave the users satisfaction like the exchange is secure since they can refund however large the amount was lost.users never left. but its cool to see there are exchanges cooperating with them and most likely going to freeze the tokens when its going inside their exchange.
if they can cooperate with each other, i don't see any reason why binance and coinbase and other exchanges cooperating as well.
Refunds are important because customers certainly don't want to lose their money due to a bad security mistake.
Like Binance and several other large CEXs that have reserve funds to overcome this kind of risk, so user funds will remain safe.
If Wazirx can get past this and make all customer funds safe then they can be trusted again.
But if it turns out that some funds are missing, then there is no hope of rising or even becoming more normal.
About some cooperation to get assistance is still a discussion, whether it will be fully restored or not.
-
And they outlined a bounty hunters that can help them recover the funds, it's 10% of the total money that has been hacked,
Program Details:
White Hat Recovery Bounty: Ethical hackers and experts are encouraged to assist in the recovery process. WazirX offers a reward equivalent to 10% of the recovered amount, subject to successful recovery and verification. This could potentially amount to $23 million, making it one of the largest bounties ever offered in the crypto industry. This offer extends to the WazirX hacker as well, in exchange for the return of the funds to the specified ERC20 wallet address: 0xf381d876ce4807d1e752cf9dcdba695f312611bf
https://wazirx.com/blog/wazirx-announces-bounty/
So let's see if this bounty program will attract white ethical hackers to recovery what they've lost. it's a big reward to be honest, so for sure there will be some attempts from the other side of the spectrum to help them and then get that $23 million reward.
-
Oh well, if they can pay the bounty hunters with that amount of money, maybe they can still pay little by little those customers. That should be their utmost concern right now. Although you can appreciate the efforts they put on the bounties and hopefully someone will step up and help them to recover some if not all the money.
And then they will have to bolster their security as well and learn from the hack itself. Otherwise, they could end up in bankruptcy if another big attack hits them on the future if they don't patch their security in the future.
-
And they outlined a bounty hunters that can help them recover the funds, it's 10% of the total money that has been hacked,
--snip--
The offer is interesting, although it's hard to imagine the hacker being careless which lead to returning funds. On top of that, the hacker always swap hacked asset for something else, which makes it more complicated.
-
What a coincidence that DMM also lost $230 M and Wazirx also lost the same amount. And also in the form of Shib mostly but they also lost in other types of funds as well. It is sad that the users have to bear the loss now because I read a news where they said, the funds of customers are at risk and AFAI remember, the WazirX exchange has been hacked before.
And I don't know if people would be using this exchange anymore, especially Indians, because the world and old users from India understand that the WazirX exchange is not a reliable exchange anymore after the last hack and there were several controversies about it as well. In short, it is sad that NK is causing that much loss to the crypto industry.
North Korea hackers are only concerned about stealing money to build more rockets, weapons, guns, bombs, etc.
But as for WazirX, I'm not so sure how anyone can feel sorry for them. Because they failed to implement a SAFU fund for their users as an insurance against getting hacked, and now the result is their customers bearing the burnt of the loss.
-
I just noticed i stated wrong amount. The correct amount for DMM hack was over $300m. Anyway, my point are both exchange hacked within short interval and both of them had similar amount of losses.
Thank you for the correction. Regarding the timing of hacks, I don’t believe hackers typically consider such intervals. If they are different hackers, they likely won’t prioritize such factors. However, if a hacker identifies a good opportunity, such as relaxed or softened authorities or a system loophole, they might wait for the right moment, for example, when a platform has raised enough funds, to execute their attack.
According to the news (https://cointelegraph.com/magazine/wazirx-exchange-hackers-fake-tether-scams-asia-express/), Tarun Mangukiya stated that hackers manipulated the WazirX exchange to upgrade their security implementation. Why did WazirX decide to upgrade it? One thing to consider is that the same group, NK's Lazarus group, hacked both exchanges. Perhaps when DMM was hacked, WazirX realized it was time to enhance its security measures, and that’s how they might be manipulated. The news also says that, hacker take 8 days to practise this hack or maybe waiting for the right opportunity.
-
What a coincidence that DMM also lost $230 M and Wazirx also lost the same amount. And also in the form of Shib mostly but they also lost in other types of funds as well. It is sad that the users have to bear the loss now because I read a news where they said, the funds of customers are at risk and AFAI remember, the WazirX exchange has been hacked before.
And I don't know if people would be using this exchange anymore, especially Indians, because the world and old users from India understand that the WazirX exchange is not a reliable exchange anymore after the last hack and there were several controversies about it as well. In short, it is sad that NK is causing that much loss to the crypto industry.
North Korea hackers are only concerned about stealing money to build more rockets, weapons, guns, bombs, etc.
True, rouge nation, a whole government backing up their hacking group and then still find a way to circumvent the embargo with them and getting stronger by turning into hacking.
But as for WazirX, I'm not so sure how anyone can feel sorry for them. Because they failed to implement a SAFU fund for their users as an insurance against getting hacked, and now the result is their customers bearing the burnt of the loss.
They are a bigger exchange so it's really makes us wonder why the funds are not SAFU so that they can protect their customers. Now, maybe in the coming days we might be seeing cases filed against them in court in India for failing their customers and not giving back the money or pay them because it's their fault that their customers are not protected.
-
My big question, why North Korea? Does that country really have such dangerous intelligence resources? Or are such actions facilitated by their government? Everywhere I have read stories about the country's dictatorship and very limited state facilities which conclude that it is impossible for hackers to come from the civilian population.
North Korea's government is very much involved with the hacking business (https://www.coindesk.com/policy/2024/03/21/north-korean-crypto-hackers-have-stolen-3b-since-2017-says-un-security-council-report/)and I am sure it is their government behind many successful hacks for the past many years in the cryptocurrency industry. Just because the country is on financial dire strait does not mean that it can not invest on technology and people for hacking purposes...in fact it invested billions of dolalrs to be a nuclear carrying country and make its military strong in the region. North Korea know that there is a big business in hacking crypto platforms and that it's why it is concentrating its time, effort on this. For them, the rewards are so worth the risks. I would not be wondering to hear more news of North Korean hackers getting more successful on what they do in the coming years.
-
Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
$SHIB or any other memecoin for that matter, are popular (in India or elsewhere) because they are very cheap, when people purchase these cheap coins they get huge quantities and usual mindset goes, it's easy to be rich that way.
-
Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
$SHIB or any other memecoin for that matter, are popular (in India or elsewhere) because they are very cheap, when people purchase these cheap coins they get huge quantities and usual mindset goes, it's easy to be rich that way.
Last year coingecko blog published an article where that listed the names of countries that are obsessed with meme coins. On that list India was second and the number one country was the US. They did Shiba Inu top the list of meme coins that are most popular in India. I am sharing the article here: Top 10 Countries Leading the Meme Coin Craze in 2023 (https://www.coingecko.com/research/publications/top-meme-coin-countries). I was expecting another article from them this year as the hype of meme coin has gone up more this year but they have not published an article this year.
-
And they outlined a bounty hunters that can help them recover the funds, it's 10% of the total money that has been hacked,
--snip--
The offer is interesting, although it's hard to imagine the hacker being careless which lead to returning funds. On top of that, the hacker always swap hacked asset for something else, which makes it more complicated.
I think this is not about finding a hacker but offering the real hackers a 10% of the sum and immunity in a criminal's case, basically, they pay back the sum they get fully legal 10% of it and everyone is happy and no police are involved.
I've never heard before, although I could be wrong about a hacker hacking the wallets of a criminal especially since they don't know where the coins are actually, imagine the hacker miraculously finds those are hosted in a cold wallet somewhere and they hack some dex for it, how would that even work from a legal point of view?
But as for WazirX, I'm not so sure how anyone can feel sorry for them. Because they failed to implement a SAFU fund for their users as an insurance against getting hacked, and now the result is their customers bearing the burnt of the loss.
I think the SAFU worked only during the time when they were either bought or under Binance ;D after all , isn't SAFU a trademark , lol?
-
Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
$SHIB or any other memecoin for that matter, are popular (in India or elsewhere) because they are very cheap, when people purchase these cheap coins they get huge quantities and usual mindset goes, it's easy to be rich that way.
Now in real life, has such mindset made more millionaires or it has made more poor? I ask because I know of few people who claim that such meme projects made them big fortunes and others also claim that they lost massively. Comparing the ratio of win to lose. Has the meme coins done more harm than good?
-
North Korea hackers are only concerned about stealing money to build more rockets, weapons, guns, bombs, etc.
But as for WazirX, I'm not so sure how anyone can feel sorry for them. Because they failed to implement a SAFU fund for their users as an insurance against getting hacked, and now the result is their customers bearing the burnt of the loss.
You are right, I have been reading a lot of stories about Lazarus group. These 2 hacks are not the only hacks that this group has caused. There is a lot of money that this group has scammed in various hacks. And all of this money just to make themselves a big nuclear power! rockets, weapons, and guns are not enough and they know that. But using crypto to complete their agenda is not the right thing this clearly gives a bad image to Crypto and BTC.
Speaking of WazirX, they were trying to upgrade their security measurements and when they did that, hackers found a loophole and found a way to get in. Which caused them a big loss. I read in a news (https://cointelegraph.com/magazine/wazirx-exchange-hackers-fake-tether-scams-asia-express/)that they were planning this heist for 8 days by rehearsing it. WazirX has been hacked before and now this hack puts a big question on their management, the ones who thought to give a chance to Wazir before might not prefer to give it after this incident.
-
And they outlined a bounty hunters that can help them recover the funds, it's 10% of the total money that has been hacked,
--snip--
The offer is interesting, although it's hard to imagine the hacker being careless which lead to returning funds. On top of that, the hacker always swap hacked asset for something else, which makes it more complicated.
I think this is not about finding a hacker but offering the real hackers a 10% of the sum and immunity in a criminal's case, basically, they pay back the sum they get fully legal 10% of it and everyone is happy and no police are involved.
I've never heard before, although I could be wrong about a hacker hacking the wallets of a criminal especially since they don't know where the coins are actually, imagine the hacker miraculously finds those are hosted in a cold wallet somewhere and they hack some dex for it, how would that even work from a legal point of view?
But as for WazirX, I'm not so sure how anyone can feel sorry for them. Because they failed to implement a SAFU fund for their users as an insurance against getting hacked, and now the result is their customers bearing the burnt of the loss.
I think the SAFU worked only during the time when they were either bought or under Binance ;D after all , isn't SAFU a trademark , lol?
It could be a trademark by Binance, and as far as I remember, they started a call to other exchanges as well to reserved at least 10% of their funds to SAFU in case of such hacked will happen in the future for them and other exchanges.
But it seems that this call to action was not heed obviously, and not WazirX resorted to want to pay white ethical hackers that 10% of the funds that was hacked. And it might be huge amount, but I don't know if this is a effective method of exchanges instead of simply allocating 10% as a reserved.
-
What is certain is that the number of users will decrease and many will move to larger exchanges that better guarantee the security of their investments. if there was also a controversial problem before, then it is only necessary to see Wazirx go bankrupt slowly.
WazirX mentioned that "many exchanges" are "cooperating" with them and explained immediate plans that include "tracking stolen funds, recovering customer assets, and conducting a more in-depth analysis of the cyberattack
This statement made by WazirX also indicates that before this hack they lacked resourcefulness and security checkup, the hack occurred after they did a security update. Whatever the reason will be but if I were one of the users of this exchange then I would have left the exchange since it last hacked back. It's always easy for new users to give a second chance to an exchange like this, and users also give try in the rave of getting some bonus, or reward and by joining some contest within the exchange otherwise it's not wise to store funds on such an exchange.
On the first hand, it's not wise to store funds in any CEX at all but if a person like me is still storing then its best to leave this exchange out of option. Although I never used this exchange because I never needed to, I always used one Binance, and last I used Kraken by due to the case against it from SEC I left it as well. Binance was under great pressure back in 2023 and at that time when I sensed the pressure among Binance and the Government I withdrew all funds but I had this feeling that this exchange will survive.
-
It could be a trademark by Binance, and as far as I remember, they started a call to other exchanges as well to reserved at least 10% of their funds to SAFU in case of such hacked will happen in the future for them and other exchanges.
No exchange actually has that money, you would need to make a profit of at least 10% of what people deposit on your website from fees, yeah you can make a ton of money from those but it is nothing compared to the volume of $ you need to ensure. SAFU is a marketing trick, if even Binance gets hacked you will see how little their funds can cover.
And it might be huge amount, but I don't know if this is a effective method of exchanges instead of simply allocating 10% as a reserve.
It's a difference, but not about the efficiency, about how much $
- with a reserve of 10% you get hacked and you still have 10% but that's all
- with this 10% offer, you might get the rest of the 90% stolen
-
This statement made by WazirX also indicates that before this hack they lacked resourcefulness and security checkup, the hack occurred after they did a security update. Whatever the reason will be but if I were one of the users of this exchange then I would have left the exchange since it last hacked back. It's always easy for new users to give a second chance to an exchange like this, and users also give try in the rave of getting some bonus, or reward and by joining some contest within the exchange otherwise it's not wise to store funds on such an exchange.
On the first hand, it's not wise to store funds in any CEX at all but if a person like me is still storing then its best to leave this exchange out of option. Although I never used this exchange because I never needed to, I always used one Binance, and last I used Kraken by due to the case against it from SEC I left it as well. Binance was under great pressure back in 2023 and at that time when I sensed the pressure among Binance and the Government I withdrew all funds but I had this feeling that this exchange will survive.
WazirX was once very famous during the bullrun 2021 thanks to the impressive price increase of the WRX token from $0.05 to $5.00. However, this CEX has almost disappeared from the crypto map when the token price dropped sharply and there were no major events for the community. This hacking incident further damages WazirX reputation, and it's never been my choice. Luckily, I don't use WazirX and am not affected by this hack.
I think many other investors and traders have similar views: no one wants to use a CEX with poor security. I'm afraid that WazirX will fail and be acquired by some other CEX in the future if there isn't a large enough promotional strategy to regain customer trust.
-
Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
$SHIB or any other memecoin for that matter, are popular (in India or elsewhere) because they are very cheap, when people purchase these cheap coins they get huge quantities and usual mindset goes, it's easy to be rich that way.
Now in real life, has such mindset made more millionaires or it has made more poor? I ask because I know of few people who claim that such meme projects made them big fortunes and others also claim that they lost massively. Comparing the ratio of win to lose. Has the meme coins done more harm than good?
$wif, $pepe,$shib — early buyers made fortunes with this coins, and I saw some regret tweets also from people who had gotten early into these coins but sold early and missed their fortunes.
However, the survive ratio amongst meme coins remains piss poor and most people lose in it. There are handful of memecoins surving among thousands that appear. Myself also gambled on few memecoins in hopes to get rich, and it didn't work out.
-
Although i don't understand why most loss caused by stolen SHIB, is SHIB very popular in India? Your opinion is greatly appreciated.
$SHIB or any other memecoin for that matter, are popular (in India or elsewhere) because they are very cheap, when people purchase these cheap coins they get huge quantities and usual mindset goes, it's easy to be rich that way.
Now in real life, has such mindset made more millionaires or it has made more poor? I ask because I know of few people who claim that such meme projects made them big fortunes and others also claim that they lost massively. Comparing the ratio of win to lose. Has the meme coins done more harm than good?
$wif, $pepe,$shib — early buyers made fortunes with this coins, and I saw some regret tweets also from people who had gotten early into these coins but sold early and missed their fortunes.
However, the survive ratio amongst meme coins remains piss poor and most people lose in it. There are handful of memecoins surving among thousands that appear. Myself also gambled on few memecoins in hopes to get rich, and it didn't work out.
I had gambled in such a meme coin even when I do not understand what type of coin it was. I was informed to go buy shiba that it was making some massive movement and honestly, it did make but unfortunately to me, I entered the market when it was the end of the pump. The coin dumped on me and till now I am still holding it.
The conclusion is that while a few early adopters make good fortune, so many lose out completely.
-
Thank you for the update. It's reassuring to know that the team is actively investigating the breach and prioritizing the safety of assets. I appreciate the transparency and the steps being taken to address the issue. I’ll stay tuned for further updates and hope for a swift resolution.
-
Thank you for the update. It's reassuring to know that the team is actively investigating the breach and prioritizing the safety of assets. I appreciate the transparency and the steps being taken to address the issue. I’ll stay tuned for further updates and hope for a swift resolution.
Reassuring? Safety of assets?
https://cointelegraph.com/news/wazirx-socialized-loss-strategy-230m-hack
Socialized loss strategy so everyone will lose 45% of their coins, as the chances of getting those back are slim to none.
Unlocking of locked tokens will be subject to ongoing recovery efforts. This includes tracing and recovering stolen assets, collaborating with partners to cover the deficit, and exploring compensation methods, including potential airdrops. Users who select Option A can benefit on priority from proceeds that we are able to receive (if any) from ongoing or future recovery efforts.
They just took customers' money to cover the loss and keep going, and after that people were angry about why did some demanded regulations, and why authorities are trying to force exchanges to keep exchange and customers' coins separated.
10 years and nothing has changed, you;re better of having your coins in a pawnshop than an exchange.
-
Thank you for the update. It's reassuring to know that the team is actively investigating the breach and prioritizing the safety of assets. I appreciate the transparency and the steps being taken to address the issue. I’ll stay tuned for further updates and hope for a swift resolution.
So what do you think is going to happen, do you even think there is a 0.1% chance that there would be a swift resolution; Mt. Gox is just refunding their customers this month, creditors had to wait ~ 10 years. You can only ensure the safety of your assets if you store it in your self custodial wallet, and i recommend you ignore PR published by a hacked exchange, it does not mean there is a solution forthcoming.
-
WazirX was once very famous during the bullrun 2021 thanks to the impressive price increase of the WRX token from $0.05 to $5.00. However, this CEX has almost disappeared from the crypto map when the token price dropped sharply and there were no major events for the community. This hacking incident further damages WazirX reputation, and it's never been my choice. Luckily, I don't use WazirX and am not affected by this hack.
I think many other investors and traders have similar views: no one wants to use a CEX with poor security. I'm afraid that WazirX will fail and be acquired by some other CEX in the future if there isn't a large enough promotional strategy to regain customer trust.
I did not know about the pump in the price of WRX token well it's really a big pump and I hope the investors have made some big profits from it. And you are right Wazirx is not disappearing from the exchange list the reason is users have other options like most of people are now using OKX and Bybit which are also good exchanges. I was also not affected by the WazirX incident as I don't use it. I prefer to use exchanges that can be easily accessible from my country as in terms of KYC.
WazirX is dead in my sight they might prefer to rebrand their name or sell themselves to a reputed exchange as you mentioned. These are the only ways for them to recover. But if they spend money like on campaigns then people in the hope of making money might do trading and store funds on the exchange.
-
But if they spend money like on campaigns then people in the hope of making money might do trading and store funds on the exchange.
Spend money on what kind of campaigns? I don't think there is a way back for this exchange, they lost so much to this hack, and for the fact that they are suggesting a 'socialized loss' strategy to resolve this issue and allow customers' have access to only 55% of their assets shows that they are not serious and there is no solution in sight.
-
snip..
Slowly a demand for CBI enquiry is growing up. CBI is like FBI for India and the demand is coming from the exchange user who wants transparent investigation. There are speculations that this was a inside job as WazirX has not been clear about many things. The worst part about it that the government of India doesn't have any regulation yet for crypto whereas they are already implemented high tax on cryptocurrency transaction and trading.
Source (https://www.cryptotimes.io/2024/07/29/wazirx-users-demand-cbi-inquiry-against-platform-owners-post-hack/)
-
There are speculations that this was a inside job as WazirX has not been clear about many things. The worst part about it that the government of India doesn't have any regulation yet for crypto whereas they are already implemented high tax on cryptocurrency transaction and trading.
It could well be an inside job, there are always such speculations whenever an exchange is hacked or when there is a data breach in any system, we would see what happens with the investigations, but for sure it is going to be a long process. Creditors should not expect that this could be settled in a short time, because it won't.
-
There are speculations that this was a inside job as WazirX has not been clear about many things. The worst part about it that the government of India doesn't have any regulation yet for crypto whereas they are already implemented high tax on cryptocurrency transaction and trading.
It could well be an inside job, there are always such speculations whenever an exchange is hacked or when there is a data breach in any system, we would see what happens with the investigations, but for sure it is going to be a long process. Creditors should not expect that this could be settled in a short time, because it won't.
Yeah, that is a big possibility as well, recently, our local exchange Coins.ph was hacked. And then we have a lot of speculations as who might be the culprit. And we haven't heard any updates from them until last month when they say that the 2 Russian they hired as a consultant was the one who perpetuated the millions of dollars hacked on them.
So we can't really rule out that it could be inside job and maybe we will know the truth later similar to what had happened to our local exchange.
-
snip..
In your case the exchange was transparent about the hack and the investigation that they completed. In WazirX case the exchange has not been transparent with the investigation and that why those who lost are now demanding an inquiry by the CBI. This is a genuine demand but on the other hand such inquires will take time and in the meantime those who suffered due to this hack would have to wait for their funds.
-
Spend money on what kind of campaigns? I don't think there is a way back for this exchange, they lost so much to this hack, and for the fact that they are suggesting a 'socialized loss' strategy to resolve this issue and allow customers' have access to only 55% of their assets shows that they are not serious and there is no solution in sight.
Haha socialized loss strategy what a joke, why would the customers prefer this option. Although they have no other option because their decision of choose this exchange was a mistake in the first place. Now they have to bear all this fuss and great lose at least those who lot in MT Gox and FTX exchange have some insurance in the form of the statement that they will receive their funds in full but this is just so insane.
After this statement no campaign can help them really, I was unaware of this statement but now as I know, it made me say the same thing that no one really will take WazirX seriously from now on.
-
Yeah, that is a big possibility as well, recently, our local exchange Coins.ph was hacked. And then we have a lot of speculations as who might be the culprit. And we haven't heard any updates from them until last month when they say that the 2 Russian they hired as a consultant was the one who perpetuated the millions of dollars hacked on them.
Oh, i have not heard of this news, probably because Coins.ph is a local exchange in the Philippines. I believe that some exchange hacks are inside jobs and if it is a small exchange, i can even going as far as saying it was perpetrated by the exchange themselves, of which they will make up an excuse of what happened to the funds.
-
snip..
In your case the exchange was transparent about the hack and the investigation that they completed. In WazirX case the exchange has not been transparent with the investigation and that why those who lost are now demanding an inquiry by the CBI. This is a genuine demand but on the other hand such inquires will take time and in the meantime those who suffered due to this hack would have to wait for their funds.
No they are not transparent, they didn't even acknowledge that they were hacked already. I even send them a personal email to ask what happen but they just answered that funds are safe.
But in this case, they already acknowledge the hack in the beginning and try to make measures to catch the thief by offering bounties. And then the one to suffer here is the obvious customers as funds are not SAFU.
-
No they are not transparent, they didn't even acknowledge that they were hacked already. I even send them a personal email to ask what happen but they just answered that funds are safe.
But in this case, they already acknowledge the hack in the beginning and try to make measures to catch the thief by offering bounties. And then the one to suffer here is the obvious customers as funds are not SAFU.
In both cases, it is evident that those who are into crypto are not able to understand the concept of "Not your, not your coin". If those users on both exchanges had not kept their coins in the exchange wallet then they would not have faced such a situation. I have read. a lot of users from WazirX discussing the amount the lost on Reddit and now they are repenting for their decisions.
-
No they are not transparent, they didn't even acknowledge that they were hacked already. I even send them a personal email to ask what happen but they just answered that funds are safe.
But in this case, they already acknowledge the hack in the beginning and try to make measures to catch the thief by offering bounties. And then the one to suffer here is the obvious customers as funds are not SAFU.
In both cases, it is evident that those who are into crypto are not able to understand the concept of "Not your, not your coin". If those users on both exchanges had not kept their coins in the exchange wallet then they would not have faced such a situation. I have read. a lot of users from WazirX discussing the amount the lost on Reddit and now they are repenting for their decisions.
People already know that if you don't own the keys then you don't own the funds but they only these low-key exchanges because of availability and events. Many join to trade tokens and coins only listed there. No one saw it coming and that's how a hack is supposed to come. If anyone has predicted the coming situation then why would they be using it still.
Before choosing an exchange I first look up to their reserves and past hack, scam, and security level events to conclude if the exchange is worth it. Even if it's worthy I won't be holding most of my funds in one exchange because it's not wise.
-
Before choosing an exchange I first look up to their reserves and past hack, scam, and security level events to conclude if the exchange is worth it. Even if it's worthy I won't be holding most of my funds in one exchange because it's not wise.
It was one of the most trusted exchanges and had the highest volume in India. Another important factor why the Indian crypto community had chosen WazirX was the availability of different pairs for trading. Those who lost their funds were mainly traders who were using WazirX for regular trading of meme coins. But, now these traders have learned the hard way and it would be not that easy for them to recover their funds.
-
It was one of the most trusted exchanges and had the highest volume in India. Another important factor why the Indian crypto community had chosen WazirX was the availability of different pairs for trading. Those who lost their funds were mainly traders who were using WazirX for regular trading of meme coins. But, now these traders have learned the hard way and it would be not that easy for them to recover their funds.
It's unfortunate that WazirX has been attacked and hacked. I hope they can recover from the losses soon and that users will be compensated instead of losing their assets stored on the exchange. This will be another reminder for us to self-custody our crypto assets.
The good news for investors in India is that Binance has returned and is providing services to them. I believe that Binance has much better security than WazirX and Binance also has SAFU to protect user assets in the worst-case scenarios.
- Binance returns to India as registered crypto exchange following 7-month ban (https://cointelegraph.com/news/binance-india-relaunch-fiu-registration)
-
The good news for investors in India is that Binance has returned and is providing services to them. I believe that Binance has much better security than WazirX and Binance also has SAFU to protect user assets in the worst-case scenarios.
It is a piece of good news for the Indian crypto community as before the ban Indians were the biggest user of Binance than the local exchanges. Now, the concern is whether they will be charging their Indian community with 1% TDS (Tax Deduction at Source) from 2022 or from this year. 2022 was the year when the Indian government implemented the Tax on cryptocurrency trading. At that time Binance was not in India but Indian users were using the exchange.
-
WazirX recently suffered a cryptocurrency hack worth around $230 million, most of which was SHIB (Shiba Inu). According to reports, North Korean hacker group may be behind this hacking. Due to serious security concerns, WazirX and other related parties are investigating the hack and taking remedial measures. You must take the help of google to know about it completely.
-
It was one of the most trusted exchanges and had the highest volume in India. Another important factor why the Indian crypto community had chosen WazirX was the availability of different pairs for trading. Those who lost their funds were mainly traders who were using WazirX for regular trading of meme coins. But, now these traders have learned the hard way and it would be not that easy for them to recover their funds.
Its true that the exchange is trusted among Indians and they must be using it to support their own product and brands because that's what they have been doing for the past few years. They create their own brand and depend on it instead of depending on foreigner brands. I like this method.
Those who lost funds are not in a bad situation including the condition of the market is also bad so they are in more bad condition so they have now choice now and have to accept the offer WazirX has made to them even if they have to face loss.
-
One good news, they updated the balances.. :D
https://x.com/WazirXIndia/status/1824231258622398534
One bad news, you can see your gull balance but you can't withdraw a penny.
Another thing I find impressive is the amount of spam for different x accounts that would "help" you recover the funds, there are like 4 or 5 times more of those than genuine comments, I wonder if the scamming business is that profitable so there are hundreds of guys trying it?
-
One good news, they updated the balances.. :D
https://x.com/WazirXIndia/status/1824231258622398534
One bad news, you can see your gull balance but you can't withdraw a penny.
Lol, good for some people to learn that what they see as their balance in any custodial service is nothing but numbers, if anything goes wrong with the service, you can still see those numbers, but you can't withdraw shit.
I wonder if the scamming business is that profitable so there are hundreds of guys trying it?
I guess so, there are a lot of gullible and naive people out there, so scammers hope to hit such people.
-
An update:
https://x.com/WazirXIndia/status/1825419334476517383
Mandiant, a leading cybersecurity firm, and Google subsidiary has confirmed that the laptops used by WazirX team members during the recent $230M cyberattack were NOT COMPROMISED.
So, I don't know what they are trying to tell users with that but from my pint of view this means only one thing, it was an inside job!
And if it was one there are two things:
- the good part they might catch the thief
- the bad part, if they are all in this the funds are clearly gone since this was their plan