Security

WazirX hack’s crisis management is ‘deeply flawed’ says Mudrex CEO

Key figures in the Indian crypto sector are calling out WazirX over its post-hack crisis management measures.

According to Edu Patel, CEO of crypto exchange Mudrex, the exchange’s response to the incident has been “deeply flawed.”

In a LinkedIn post on July 31, Patel said the attack on WazirX was “unfortunate” but the approach WazirX took to handle the situation was “not appreciated.”

Mumbai-based WazirX, one of India’s largest exchanges, was hacked for $230 million in cryptocurrencies.

Over 15,000 Ethereum, alongside other tokens like Shiba Inu and Polygon’s Matic, was drained from the exchange’s multi-sig wallet, crippling the exchange’s ability to maintain a 1:1 collateral.

The incident affected 45% of customer funds, per the exchange’s post-hack report.

According to Patel, WazirX knowingly operated for three days post-hack when it should have halted services immediately. He continued:

This decision not only compromised user security but also eroded trust.

The blame game post-hack

Patel further criticized the exchange’s confusing forensic report which has left users confused.

On July 25, WazirX published its internal investigation, publicly stating that the incident involved signatures from three WazirX signers and one from Liminal – its cryptocurrency custody service provider.

However, the exchange claimed its signers’ machines were not “compromised.” Days later, Liminal also published a report, claiming that its systems remained unaffected and had not been breached.

Patel criticized the lack of cooperation, stating that both parties should have focused on “collaboration” and “responsibility” rather than sharing uncoordinated and engaging in a “blame game.”

Pointing fingers only detracts from addressing the real issues and finding solutions.

A controversial recovery plan

Moreover, the Mudrex co-founder also slammed the exchange for its controversial recovery strategy, which proposed a 55/45 asset access plan.

Dubbed the socialized loss strategy, it proposed allowing users immediate access to 55% of their assets, but the remainder would be locked in Tether’s USDT.

To the surprise of many, this also included users who held assets not impacted by the attack.

WazirX claimed this would help retain the platform’s stability, which has currently halted all services.

The plan faced immediate backlash for its perceived unfairness to users. Influential voices in the industry argued it unfairly burdens users with the loss. Subsequently, WazirX withdrew the plan, with CEO Nischal Shetty calling for community feedback to find a solution.

Quick update about the poll. Your suggestions and feedback is how we’ll be able to find a feasible solution 🙏 https://t.co/StawTcB1BP pic.twitter.com/XkLs5Jlmx9

— Nischal (Shardeum) 🔼 (@NischalShetty) July 29, 2024

Patel argued that this “should have been the first step” rather than a reactionary measure after facing backlash. He urged WazirX to devise a recovery plan that prioritises making users whole.

At the time of publication, the attacker had swapped all the stolen funds for 59,097 ETH distributed among multiple wallets.

The post WazirX hack’s crisis management is ‘deeply flawed’ says Mudrex CEO appeared first on Invezz

Source

Click to rate this post!
[Total: 0 Average: 0]
Show More

Leave a Reply

Your email address will not be published. Required fields are marked *