WazirX, India’s largest cryptocurrency exchange, threw the country’s crypto community into a state of turmoil on July 18, when it announced a devastating hack that saw approximately $235 million (₹2,000 crore) siphoned from a single wallet. Initial suspicions pointed towards the notorious North Korean Lazarus Group. Although the exchange was quick to attribute the breach to external forces, the narrative has since taken an unexpected twist. On November 26, a group of WazirX users, rallying under the banner “Justice for WazirX Users,” alleged that this might not have been an international cyberattack at all, but an inside job.
These claims are supported by a detailed timeline of events leading up to the hack, painting a picture of a platform wrestling with financial strain, regulatory scrutiny, and operational chaos. The users argue that the circumstances surrounding the breach are too coincidental to dismiss. This has led to widespread speculation about whether this could indeed have been an inside job, or whether these suspicions are simply the result of frustration and a growing sense of distrust.
According to the viral Twitter thread, WazirX’s troubles did not begin with the hack, but can be traced back to February 2022, when the Indian government imposed a 30% tax on crypto profits. This policy led to a sudden and drastic drop in WazirX’s revenue, severely impacting user activity and profits. A mere two months later, WazirX’s founders, Nischal Shetty and Siddharth Menon, permanently relocated to Dubai, sparking questions about whether this move was a strategic attempt to shield themselves from regulatory pressures.
The situation worsened in August 2022, when the Enforcement Directorate of India froze $8 million worth of WazirX’s assets, alleging involvement in money laundering. Despite the exchange denying these allegations, the raid tarnished WazirX’s reputation and added immense operational strain. By January 2023, the challenges deepened when Binance, the global crypto giant and WazirX’s former partner, cut all ties with the exchange. This effectively severed a crucial support system.
Things took a further turn in January 2024 when India outright banned Binance, leading many Indian users to transfer their funds back to WazirX. This swelled its reserves to enormous levels. $235 million (₹2,000 crore) was reportedly concentrated in a single wallet, while another $333 million (₹2,500 crore) was distributed across 250,000 smaller wallets. This concentration of funds, critics argue, was a ticking time bomb.
The hack finally occurred in July 2024, wiping out the $235 million stored in the single wallet. Critics were quick to question why WazirX would consolidate such a significant amount in one vulnerable location. Was this negligence, or something far more calculated, perhaps even a staged hack?
The fallout from the WazirX hack has only grown messier with each passing day as new allegations and financial discrepancies continue to emerge. One major revelation from WazirX’s affidavit is its application for a moratorium in Singapore, aimed at restructuring its obligations after the hack. Initially, the platform reported that the total value of funds during the hack was $570 million, with $234 million stolen. However, this figure was later revised to $546 million, suggesting that 45% of the funds were stolen.
Moreover, out of 4.2 million users, only 431 expressed support for the moratorium. Financially, these supporting users account for liabilities of $9.2 million, far below the $410 million threshold needed for the moratorium’s approval.
Adding to the doubts is a key revision in WazirX’s financial statements. Zettai, WazirX’s Singapore-based arm, reported revenues of $108 million in 2022 and $12 million in 2023. However, $