The WazirX crypto exchange hackers have nearly completed their efforts to launder the $230 million haul through coin mixer Tornado Cash, throwing a wrench into the efforts to recover funds for affected users.
Hackers have moved 15,000 ETH (nearly $40 million today) since Monday night across scores of transactions. The development followed the High Court of Singapore granting the Indian crypto exchange WazirX a four-month moratorium to restructure its liabilities following the midsummer hack of more than $230 million.
Last week, the wallet holding the funds sent some $33 million worth of Ethereum to Tornado Cash. Since then, the wallet has continued to move funds to other wallets, in many cases then continuing to run the coins through Tornado Cash, which makes them more difficult to track.
Arkham Intelligence data shows that the hacker's main wallet still holds more than $6 million in multiple crypto assets, primarily Ethereum, according to on-chain data from Etherscan. The entity behind the hack moved about $57 million worth of assets over the last seven days.

WazirX Funds on the Move as Hacker Shifts $33 Million to Tornado Cash
Around $33 million in crypto stolen from Indian crypto exchange WazirX are on the move, with the hacker responsible sending the funds to a new address and then to coin mixer Tornado Cash. The hacker has been moving funds in blocks of 5,000 ETH (around $12 million at today's Ethereum price), shifting one tranche Thursday morning according to security firm Cyvers. It follows earlier transfers on Wednesday and Monday, bringing the total transferred over the course of the week to $33 million. 🚨UPD...
Data shows that the known WazirX exploiter addresses have quickly dispersed the funds to addresses that are untracked by blockchain analytics platform Arkham Intelligence. This includes a total of 26 listed transactions to Tornado Cash addresses.
Tornado Cash is a decentralized cryptocurrency mixer that uses smart contracts to commingle cryptocurrencies, making it virtually impossible to trace funds back to their original source. It was sanctioned by the United States Treasury's Office of Foreign Assets Control in 2022, making it illegal to use in the country.
Still, authorities have no tools, let alone legal jurisdiction, that would allow them to halt the operations of a decentralized system, and the notorious mixer had handled nearly $2 billion in 2024 through July.

Binance Denies Responsibility in WazirX Hack, Says It Never Acquired the Company
Binance denies WazirX ownership and responsibility for a recent $235 million hack, urging the platform to address user fund losses. Binance released a statement addressing recent claims about its relationship with the Indian crypto platform WazirX in a blog post earlier today. This announcement follows a reported hack on WazirX in July 2024, which resulted in the loss of user funds valued at approximately $235 million. The statement responds to assertions made by Nischal Shetty, the primary owne...
The WazirX hack targeted a multisignature wallet, resulting in the loss of $97 million in meme coin Shiba Inu (SHIB) and $53 million in Ethereum, with other swiped assets pushing the total figure to $230 million. These stolen funds represent more than 45% of WazirX's total reserves. The exchange has since initiated a restructuring process to address its liabilities.
WazirX founder Nischal Shetty has attributed the breach to various parties during this period. Initially, he blamed custodian Liminal for the security lapse, which Liminal denied. In August, Shetty alleged that Binance held the majority of WazirX parent Zettai Labs' funds, limiting their ability to compensate affected customers. Binance refuted these claims soon thereafter.
Some analysts believe that North Korea-sponsored actors such as Lazarus Group pulled off the heist.
Jeremiah O’Connor, CTO and co-founder of crypto cybersecurity firm Trugard and former principal investigations scientist at Binance and Coinbase, told Decrypt that "while significant progress has been made in de-mixing transactions, the recovery of stolen funds remains exceptionally challenging, especially when dealing with groups such as Lazarus.”

Binance Helps Indian Government Track $47 Million Connected to Crypto Gaming Scam
Indian law enforcement had an assist from Binance in the investigation of four individuals linked to the Fiewin gaming app. Officials have since arrested the suspects and accused them of defrauding victims of about $47.6 million and laundering it using cryptocurrency. The Fiewin app, marketed as an online betting and gaming platform, promised users easy earnings but ultimately trapped their funds, leaving them unable to withdraw their money. The Enforcement Directorate (ED) of India's investigat...
Groups like Lazarus "leverage networks of foreign operators and employ state-backed protection to facilitate the movement of funds, greatly reducing the likelihood of successful asset recovery,” he added.
Anoop Nannra, Trugard’s CEO, added that “investigators will have a challenging time trying to decipher which of the receiving wallets are actually part of the hack and which are simply innocent bystanders."
Meanwhile, with legal procedures stalled, Indian users have limited options for recovering their losses.
"I personally know of a victim who is both a customer and an investor in WazirX,” said Nannra, “and he is slowly coming to the conclusion that he will not ever see his funds.”
Edited by Andrew Hayward