Recommended

#BTCCOGWEEK: Celebrate the Classics of Meme Coins
Crypto Deposit Make instant crypto transfers to your futures account
USDT-M Perpetual Futures Trade futures contracts settled in USDT
VIP Fee Discounts Enjoy different fee discounts based on your VIP level
Coin-M Perpetual Futures Trade futures contracts settled in cryptocurrency
Fiat Deposit Buy your favourite coins in seconds
Affiliates Invite friends & get rewarded
Convert Covert your crypto instantly
Support Centre Find our FAQs here
Announcements Find all our official announcements
BTCC Academy Learn about blockchain and crypto
News The latest trends in the crypto market

Promotions

Referral
Campaigns
Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / CryptotimesIO /
Hack, Hide, Repeat: The Shocking Double Game of WazirX—Duping Singapore, Draining India

Hack, Hide, Repeat: The Shocking Double Game of WazirX—Duping Singapore, Draining India

Author:
CryptotimesIO
Published:
2025-07-14 05:11:34
13
1

WazirX’s shell game just got exposed—and regulators are scrambling.

How a crypto exchange played two nations against each other while users paid the price.

The Singapore Sling

Flashy compliance nods in one market, shadowy operations in another. WazirX’s ‘global’ strategy looked more like a jurisdictional hopscotch—until the music stopped.

The Indian Heist

While touting FSA-friendly policies abroad, the platform allegedly funneled liquidity from Indian traders into a maze of obfuscated wallets. Classic ‘regulatory arbitrage’—if you’re feeling generous.

Crypto’s Compliance Paradox

Another day, another exchange treating KYC like a buffet—take what you need, ignore the rest. But this time, the bill came with extra zeros.

Final twist? The ‘decentralized’ excuse doesn’t fly when the money trail lands at a single Mumbai office. Stay tuned—the only thing dropping faster than WazirX’s reputation is Bitcoin’s next 10% swing.

WazirX Promised ‘Your Assets.’ Singapore Law Says the Same.

In the days following the hack, WazirX’s official blog post dated July 21, 2024, titled “Important Update: Cyber Attack Incident and Measures to Protect Your Assets,” stated:

“We are reaching out to update you on the recent cyber attack theft that has severely impacted WazirX. The safety and security of your assets always remain our top priority.”

The blog explicitly called the assets stolen “user assets.” That’s legally significant. Singapore’s High Court ruling in Re Taylor & Eqonex Capital Ltd (June 2025) established a crucial precedent: unless users explicitly transfer title, crypto assets held in custodial wallets belong to the users, not the exchange.

Justice Aedit Abdullah ruled in Re Taylor:

  • Custody does not mean ownership.
  • Users retain full ownership rights unless a transfer of title is documented.
  • Exchanges cannot restructure, liquidate, or touch user assets to settle their own debts unless explicitly stated.

WazirX’s own user agreement mirrors this. It clearly mentions: “WazirX acts as an agent working on the instructions of the user.” In plain words, WazirX is a middleman, a custodian, not the owner of the crypto held in user wallets.

Despite all this, post-hack restructuring saw Zettai rebalancing tokens without user consent and without any court order. Worse, court records and investigative reports show that Zettai may have used user assets to cover company debts. 

If proven, this WOULD be one of the most blatant violations of Singapore’s Payment Services Act and common law principles on custodial responsibility.

From Singapore to Panama: The Real Reason Zettai Moved

In June 2025, Toofaan Army revealed one of the most explosive facts in this entire saga: Zettai Pte Ltd quietly established a Panama shell entity named Zensui.

Why Panama? Because Singaporean courts had just ruled in Re Taylor, making it impossible for Zettai to legally touch user funds. Panama, lacking equivalent crypto custody regulations, became the escape route.

Documents show Kroll, hired by WazirX for fund recovery, was allegedly involved in orchestrating this move. Instead of focusing on recovering stolen assets for users, Kroll allegedly assisted Zettai in setting up offshore structures to sidestep Singaporean law.

4/
Enter: Panama 🇵🇦#WazirX’s parent (Zettai) suddenly set up Zensui, a Panama shell company. Why? To escape Singapore jurisdiction and place user assets under foreign opacity — where ownership rights aren’t as clear or protected.#WazirxScam pic.twitter.com/zhqzQD87r9

— TOOFAAN (@TOOFAANARMY) June 19, 2025

This is not mere speculation. On June 20, 2025, the Toofaan Army reported: “The Real Reason Why #WazirX Ran to Panama? Exposing Kroll’s Dirty Tricks.” The report detailed how Kroll’s involvement was not just about investigation, but creating legal detours.

Singapore law made it clear: user funds in custody remain user property. Panama offered Zettai a way to muddy those waters.

MAS Rules Were Crystal Clear—Why Weren’t They Enforced?

Singapore’s MAS isn’t known for regulatory laxity. MAS introduced major amendments to the Payment Services Regulations in 2023, specifically because of global concerns about crypto exchanges mismanaging user funds.

Under Regulation 16C and 16D:

  • All customer assets must be deposited in custody accounts held on trust.
  • Customer assets must not be used to pay off company debts.
  • Transfers of user assets require explicit customer instructions.
  • Daily reconciliations and full transparency with users are mandatory.

Zettai did none of this. What’s worse, it never even applied for a Digital Payment Token Service Provider (DTSP) license. This wasn’t a grey area. This was black-and-white illegal.

Even Rajah & Tann, Singapore’s leading law firm, pointed this out in their August 2023 publication on MAS’s regulatory updates. Yet, here we are, in July 2025, and Zettai still hasn’t been held fully accountable.

How Much Money Is Actually Involved?

WazirX officially claims that over $230 million was hacked. But what they’ve never disclosed—neither to the court nor users- is the exact figure of the company’s profits they keep calling “under dispute.” 

Insider reports, transaction records, and whistleblower data reviewed independently suggest that over $400 million in company profits are actually under dispute. Yet WazirX has never publicly disclosed or confirmed the exact figure. 

The Crypto Times and Romy both reached out to WazirX for an official comment regarding this amount, but so far, there has been no response or official clarification from the company.

That so-called dispute seems less like a legal matter and more like a cover to shield undisclosed earnings and founder wealth. Fund transfers worth ₹342 crore to companies owned by Nischal Shetty and his spouse, Moujhari Guha, have already surfaced. 

A key figure: around Rs 1,000 crore in transactions have been linked directly to entities controlled by Nischal Shetty and his close family members. These are documented in court filings and internal accounting ledgers now part of the Singapore court case.

One particularly damning detail: Zanmai Labs, listed as the operational entity in India, shows zero employees on record while allegedly controlling exchange operations. That in itself is another red flag that regulatory bodies have so far overlooked.

Tomorrow’s Court Hearing: Singapore’s Moment of Truth

On July 15, 2025, at 7:30 AM IST (10:00 AM SGT), the Singapore High Court is set to hear further arguments in HC/SUM 940/2025. The hearing could stretch into July 16, as a reserve date has been set.

The court will examine several Core issues:

  • Was Zettai Pte Ltd unlawfully operating as a DPT service provider in Singapore before June 30, 2025?
  • Did Zettai misuse user assets to cover company debts in violation of both MAS regulations and Singapore’s fiduciary laws?
  • Did MAS fail in its duty to enforce its own licensing and regulatory requirements?

Toofaan Army has issued a clear statement ahead of the hearing: “While Zettai Pte Ltd may attempt to claim it was not in breach of the Financial Services and Markets Act prior to 30 June 2025, it is clear that it was unlawfully conducting Digital Payment Token (DPT) services without a license under the Payment Services Act 2019.”

Final Nail: Negligence, Hidden Wallet Signers, and Unanswered Questions

Adding to the already damning facts, Cybersecurity and Forensic Analysis Expert Nabil Salih has highlighted an alarming detail that WazirX has never officially addressed. The custodial wallet from which $230 million was drained was controlled by six authorized signatories, including representatives from Liminal. 

Crucially, only four of these six signers were needed to approve any transaction. As Nabil bluntly put it, “It’s evident that four of them signed these transactions intentionally, or it’s utter negligence by the company, and this cannot be considered as a force majeure event.”

To date, WazirX has refused to disclose who these six individuals are. The identities of the people holding the keys to the wallet remain hidden, shielding them from personal liability. But make no mistake, this silence is strategic. If WazirX were to reveal those names, the legal game would shift instantly. 

Individuals could be held directly accountable. Founders, linked entities, and associated assets could all be dragged under liquidation proceedings. This is why, as experts argue, targeting only the company isn’t enough. Going after the people involved is the real way to bring justice.

Further strengthening this argument, Nabil also established that the 240,000 wallet addresses published in Nischal Shetty’s fourth affidavit can be traced back to individual users. 

These are unique deposit wallets clearly belonging to WazirX users, which proves beyond any reasonable doubt that WazirX was merely acting as a custodian, not an owner, of user assets. 

This forensic insight aligns perfectly with blockchain entrepreneur Romy Johnson’s affidavit submitted in the Honourable High Court of Singapore. 

On page 13/45A, it states: Nischal Shetty’s affidavit fails to explain why internal multisig controls—used to facilitate the July 2024 token drain—should qualify as a force majeure event. 

This violates the standard in Glahe International v Yap Chwee Hock [1999] 3 SLR(R) 923, where the court held that force majeure cannot apply where the event was internally foreseeable or caused by the party’s own negligence. 

Also Alliance Concrete Singapore Pte Ltd v Sato Kogyo (S) Pte Ltd [2014] 3 SLR 857, confirming that internal control failure does not excuse performance.

Even respected blockchain investigator TruthLabs, known as @BoringSleuth, weighed in sharply:

“To date, @WazirXIndia and its founders have done nothing outside of immensely harming their customers, locking them out of their Web3 and Crypto future, while they hide behind words and not actions.”

The pattern is unmistakable: negligence disguised as accident, secrecy disguised as compliance. If WazirX ever discloses who exactly held the keys to that hacked wallet, it’s Game Over—not just for WazirX, but for everyone tied to it.

Why This Case Matters Globally

This isn’t just about WazirX or Indian crypto investors. This case is about the credibility of Singapore as one of the world’s leading crypto jurisdictions.

If a company like Zettai can operate without a license, hold hundreds of millions in user funds, MOVE assets offshore, and avoid legal repercussions for over five years, what message does that send to the global crypto community?

One year after India’s largest crypto hack, there are still no clear answers for users. No recovered funds. No proper accounting. No accountability.

But tomorrow’s hearing could change that.

The world will be watching the Singapore High Court on July 15, 2025. It’s not just a legal matter. It’s about trust in the financial system, in regulations, and in the promise that user rights matter.

Because if Singapore doesn’t enforce its own laws in a case as open-and-shut as WazirX, then truly, where is the line drawn?

Every crypto investor deserves clarity, protection, and justice. It’s time Singapore proves it still stands for all three.

Also Read: WazirX Under FIU Probe Again Over Alleged Terror Crypto Links

    

Google News

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service
Social Media

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2025 BTCC.com. All rights reserved