WazirX Hack Leaves Indian Users Helpless: 45% Crypto Gone, No Access to Remaining Funds—Only Singapore High Court Can Help to users. Hope They Hear Indian Voices. We Don't Trust On Wazirx Now.
So, how can an exchange use users' funds for any purpose without their permission? If a user wants to transfer their assets or has trust issues with the exchange, the exchange should not have the authority to prevent them from doing so. Users have complete rights over their assets—whether they choose to sell, convert, or transfer them. Any attempt by an exchange to stop or control these actions is a direct violation of these rights.
WazirX has seen significant growth, now serving 16 million users (source) and earning substantial profits, particularly during the bullish market of 2020-21. Over the past six years, they have expanded into various ventures, launching multiple companies and projects (details). Notably, the co-founders recently relocated to Dubai, a move that has raised concerns, especially given its timing before this incident.
This has led to questions about whether the exchange truly lacks the funds to return stolen crypto to users. Why are they forcing unaffected users to bear the burden of this cyber attack with their safe assets? With earnings from trading fees, token listings, and partnerships, many wonder why WazirX isn’t using its resources to address the losses.
Users have several legitimate concerns that warrant attention, particularly from the Singapore High Court. WazirX's decision to file a complaint in Singapore raises questions about their attempt to avoid legal action from Indian authorities. Many Indian users were unaware that WazirX is registered in Singapore,
as the exchange had not disclosed this information prior to the hack. Despite presenting themselves as “WazirX: India Ka Bitcoin Exchange,” as seen on their Twitter profile (source), the lack of transparency has left users feeling misled and uncertain about their rights.
Indian users have raised several serious questions, but when they seek answers from the CEO, they often find themselves blocked on Twitter, leading to concerns about the exchange's transparency.
Before the hack, the CEO publicly affirmed his position and role. However, following the incident, he made a statement distancing himself from the situation, saying, “I cannot sell something I do not own. If I had ownership, I would have gone to any length.” This shift in stance has left users puzzled and seeking clarity on the CEO's actual role and responsibilities.
(1) Conflicting Claims on CEO Status: Nischal Shetty previously claimed to be the current CEO of WazirX, as evidenced by his tweet on October 1, 2023 (source). However, following the cyber attack, he stated on August 26, 2024, that he sold the platform in 2019 and it is no longer under his control (source). He mentioned, “I cannot sell something I do not own,” which raises the question: if he cannot sell what he does not own, he should also clarify that he cannot use what he hasn’t purchased.
(2) Concerns Over Multisig Wallet Security: The recent hack of WazirX's multisig wallet, which led to stolen assets, raises significant concerns. Given that the wallet requires signatures from three different team members, the attack could not have occurred without their involvement or a serious lapse in security (Tweet). It is highly unusual for all three individuals to be compromised simultaneously, suggesting a serious flaw in the exchange’s security protocols.
WazirX’s decision to hold 45% of users' crypto in a single wallet, while the hacker has dispersed the stolen assets across multiple wallets, highlights a significant contrast in security strategies. This raises a critical question: Who has demonstrated smarter security practices
(3) The mistake on WazirX's part has shifted the burden onto innocent users who invested their hard-earned money with the expectation of benefiting from an anticipated bull run in 2025. Now, instead of addressing the losses directly, WazirX appears to be covering up the incident by not returning even the unhacked assets. This has left many users struggling and disillusioned.
(4) Concerns Over INR Deposits and Trading Post-Hack: Following the hack, WazirX did not immediately disable INR deposits or halt trading activities, raising concerns about potential illegal trading practices. While crypto deposits and withdrawals were suspended, INR transactions continued, which might suggest an intention to retain and control user funds. It was only after significant pressure from Indian users that WazirX took action to halt these deposits.
Interestingly, WazirX also blocked INR deposits made after the hack, limiting withdrawals to 66%. This decision raises questions about the legitimacy of their actions and the transparency of their process. There has been no clear explanation from WazirX regarding which Bank accounts were frozen by the Indian government and the timeline of these actions.
For instance, if an account was frozen in 2020, why were funds deposited after this date also blocked? Such discrepancies further fuel suspicions about the exchange's practices and the fairness of their response to the hack.
What happens to taxpayers who earned profits and their funds are in the exchange wallet? If the wallet is hacked and INR is blocked, should they pay taxes from their pocket? yes forcefully they paid because of wazirx.
If Distributing crypto from user wallets to victims of the hack:-
Impact on Indian Users and Tax Implications: Many Indian users who invested in crypto during the 2021-22 bull market are now facing severe losses, with values having dropped significantly. WazirX's current approach involves distributing crypto from user wallets to victims of the hack. However, this raises critical concerns.
In India, if crypto is converted, users are liable to pay a 1% TDS, and there is no provision to settle losses in income tax. For instance, if a user holds Bitcoin valued at ₹100,000 (from 2021) and the price drops to ₹50,000 (in 2024), but WazirX redistributes 50% of this Bitcoin (after hack), the user would end up with Bitcoin valued at ₹25000 and incur a 1% TDS. This could lead to an overall loss of 75% without the option to offset this loss in tax returns.
The question arises: who bears the brunt of this loss—the user or WazirX? It is crucial for WazirX to consider alternative solutions rather than shifting the financial burden onto users who are already grappling with significant losses.
(5) Reserve Fund Claims: On January 11, 2023, WazirX assured users via tweet that they had “more than a 1:1 Reserves to Liabilities ratio,” indicating they had sufficient reserve funds to meet users' needs in unforeseen scenarios (source). However, the current situation suggests that WazirX is now attempting to use users' funds without permission to cover the losses from the hack. This contradiction between their previous assurances and current practices raises serious concerns about their financial management and transparency.
Wazirx have taken out RS 100 crore for legal fees & other stuff? Why? Why using users money to fight the case?
Concerns Over Fund Usage for Legal Defense: WazirX appears to plan to use user funds to finance their legal battle in Singapore, despite having already withdrawn $12 million of users' funds and the fact that 45% of the assets have been stolen.
This raises a critical question: Where is the profit from their operations? Why is the burden of financing the legal case being placed solely on users' funds? This situation underscores a troubling shift in responsibility and raises concerns about the ethical management of user assets.
Imagine a bus accident where some passengers are injured and others aren’t. It wouldn’t be fair to injure the unhurt passengers to share the pain, right? That's exctly what #WazirX is doing by redistributing unaffected users crypto to cover losses,
In this video, the CEO of WazirX reassured users about the safety of their funds, explaining that the majority of crypto assets are held in cold wallets, with only a small portion in hot wallets (video reference). He emphasized that users' funds are secure and expressed confidence in the integrity of the platform, asserting that there is no intent to engage in fraudulent activities
Impact of WazirX's Proposed Plan on Indian Crypto Users' Taxes:
If WazirX plans to socialize losses by distributing unaffected users' crypto to those affected by the cyberattack—where 55% of users' assets might be redistributed to the 45% who suffered losses—it could create significant tax issues for Indian users. Here’s how:
There is no mention of Zattai in Wazirx Terms & conditions while signing up on the platform. Still, Zattai is taking all the calls regarding crypto funds.
WazirX Privacy Policy:= https://wazirx.com/legal/privacy
WazirX Terms Of Use:= https://s3.ap-south-1.amazonaws.com/wrx-assets/WazirXUserAgreement.pdf?v1
Wazirx has been mentioning in its POR that they hold surplus crypto, why was this not mentioned in the affidavit and can you please share the number of the surplus?
In the affidavit WazirX mentioned that they have taken out Rs 100 crore ($12 Million) from user funds for legal expenses, that’s 5% of the remaining customer funds. Why WazirX doing this and why there is no contribution from the Wazirx team?
WazirX can you please publish the Financials of Zattai for the last 3 years for transparency?
What's the fault of #WazirX users? One wallet gets hacked, and funds are stolen, but why are you planning to punish all users? Locking 45-50% of assets that weren't hacked?