Singapore Court Clears WazirX Path to User Repayments

This is a major step toward compensating the users that were affected by the $234 million hack in 2024. The decision allows WazirX to restart operations and begin repayments through token-based distributions, though timelines vary from weeks to months. Meanwhile, crypto betting platform Shuffle recently suffered a massive data breach after its third-party service provider, Fast Track, was compromised, exposing the personal data of most users. Both of the incidents shed some light on the crypto industry’s ongoing struggle with security vulnerabilities.

WazirX Recovery Plan Gets Green Light

Crypto exchange WazirX secured approval from the Singapore High Court for its long-awaited restructuring plan. This is a huge milestone in its efforts to compensate users that were affected by the $234 million hack that occurred in July of 2024. 

The court’s decision comes weeks after creditors backed a revised proposal, which paved the way for the exchange to initiate repayments through a token-based fund distribution and begin reviving its halted operations.

In a post on X, WazirX founder Nischal Shetty shared his gratitude to the exchange’s community by stating, “Thank you to everyone who supported this difficult phase of WazirX. The Singapore High Court has approved the scheme. It’s your support and love that has made this possible.” The approval concludes over a year of legal and regulatory challenges that the India-based exchange faced while trying to recover funds and compensate more than 150,000 affected users.

The breach targeted WazirX’s Safe Multisig wallet, and led to the theft of approximately $234 million in digital assets. It also forced the exchange to suspend withdrawals. Investigations later linked the incident to North Korean hackers and techniques typically associated with the notorious Lazarus Group.

Earlier this year, WazirX’s creditors approved a similar restructuring proposal, but the Singapore High Court initially rejected it due to concerns over how recovery tokens—central to the repayment plan—would operate under new regulatory frameworks for digital token service providers. The latest approval indicates that these regulatory issues have now been resolved, which allows the exchange to proceed.

While Shetty indicated that users could start receiving their funds within 10 days of the plan taking effect, others involved in the restructuring process suggested a more cautious timeline. George Gwee, a director at Kroll—the firm overseeing the restructuring—estimated that repayments may take up to two or three months after the court’s approval.

Statement from WazirX founder Nischal Shetty (Source: WazirX)

Although WazirX has not published a definitive repayment schedule yet, the recent ruling signals that users are finally creeping closer to recovery after one of the most high-profile exchange hacks in India’s crypto history.

Shuffle Hit by Major Data Breach

While WazirX is taking steps in the right direction, other platforms are still grappling with crypto crime. Shuffle, a leading crypto betting platform, recently fell victim to a major data breach after its third-party customer service provider, Fast Track, was compromised. 

The incident reportedly exposed the personal data of most of Shuffle’s users. Founder Noa Dummett revealed in a post on X that Fast Track, which Shuffle used for programmatic email sending and user communications, suffered a breach that affected a big portion of its customer base. While Dummett did not specify exactly what data was exposed, the involvement of the CRM system suggests that user email addresses and communication records may have been compromised.

Dummett confirmed that the company is investigating how the breach occurred and where the data may have ended up, and added that Shuffle is now seeking alternatives to Fast Track to avoid similar risks in the future. Shuffle ranks among the top 15,000 most-visited websites globally, according to SimilarWeb. This indicates that the number of potentially impacted users is quite substantial. 

Security vulnerabilities still plague the cryptocurrency industry. Even when breaches only expose basic data like email addresses, crypto users face unique dangers because attackers can exploit the information to launch phishing campaigns or social engineering attacks to steal private keys and funds. Unlike in traditional finance, stolen cryptocurrencies cannot be reversed or recovered once transferred.

The past few months have seen a troubling rise in similar incidents across the crypto ecosystem. Platforms like Crypto.com, Bitcoin Depot, and Coinbase have all been affected by data leaks or employee-related security lapses.

Beyond the risk of online scams, leaked information about crypto holders can also lead to physical threats. A growing number of “$5 wrench attacks,” where victims are coerced or assaulted to reveal their private keys, has raised safety concerns worldwide.

Overall, the Shuffle breach serves as a stark reminder of how reliance on centralized third-party service providers is still a weakness in the crypto industry.