Hacker Cashes Out Final Batch of Stolen WazirX Funds: Lessons in Handling Crypto Breaches
In a stunning conclusion to a major crypto heist, the hacker responsible for stealing $230M from WazirX has nearly finished laundering the stolen funds. After 22 days, the final batch of assets was reportedly cashed out, highlighting a significant lapse in WazirX's security and crisis management.
Comparing WazirX's response to the more efficient approach taken by BingX in handling a similar situation reveals a stark difference in damage control strategies. Here's a breakdown of where WazirX faltered:
1. Delayed Communication and Transparency
BingX responded swiftly to their hack by holding an AMA within hours, reassuring users that their funds were safe and providing updates regularly. In contrast, WazirX avoided engaging with their users through AMAs, and even disabled comments on their posts, limiting open communication at a critical time.
2. Slow Withdrawal Process
In the case of BingX, withdrawals were resumed within 24 hours, minimizing disruptions for users. WazirX, however, paused withdrawals and took over a month before making any significant moves. Initially, WazirX stated that 100% of INR funds were safe, only to later reveal that only 66% would be available for withdrawal.
3. Compensation and Accountability
BingX set a standard by announcing full compensation to affected users using their own capital. On the other hand, WazirX first shifted blame to Binance before implementing a 4-month moratorium, a move made without user support. This delay in taking responsibility only further frustrated their community.
4. Ineffective Bounty Offering
WazirX announced a bounty for the hacker three days after the attack, by which time the majority of the stolen crypto had already been converted into Ethereum. This late response made it virtually impossible to recover the funds.
Throughout the BingX hack, users were still able to trade smoothly without experiencing major lag or service disruptions.