Delhi Police have arrested a key suspect, SK Masud Alam, a resident of East Midnapore in West Bengal, in connection with a massive WazirX cyberattack. Alam is accused of being involved in the WazirX crypto heist, a high-profile cyberattack that saw the theft of over ₹2,000 crore (approximately $230 million) worth of digital assets.
The WazirX cyberattack, which occurred on July 18, 2023, targeted WazirX’s hot wallet, and investigators believe the cybercriminals also attempted to breach the platform’s more secure cold wallet. WazirX, a popular cryptocurrency exchange in India, allows users to trade a range of digital currencies, including Bitcoin, Ethereum, and its native token WRX.
The platform has become a major player in the Indian crypto market since its launch in 2018, and the breach has raised concerns about the security of cryptocurrency exchanges globally.
How the WazirX Cyberattack Unfolded
According to the Delhi Police’s investigation, Alam allegedly created a WazirX account under the false identity of “Souvik Mondal.” He then sold the account to another individual, M Hasan, via Telegram. Hasan, using this compromised account, is believed to have gained access to the WazirX platform and initiated the cyberattack, which resulted in the theft of the digital assets, IndiaToday reported.
The stolen assets were primarily stored in WazirX’s hot wallet, an online storage wallet that is more vulnerable to cyberattacks due to its constant connectivity. Following this breach, the cybercriminals attempted to access WazirX’s cold wallet—an offline storage solution that provides additional security against hacking attempts. Fortunately, the attack on the cold wallet was unsuccessful. However, the breach of the hot wallet led to the loss of nearly 45% of WazirX’s assets at the time.
The Role of Liminal Custody in the Crypto Heist
One of the most puzzling aspects of the investigation involves Liminal Custody, a digital asset custody solutions firm that was responsible for securing WazirX’s wallets. Despite multiple notices from the Delhi Police, Liminal Custody allegedly failed to provide critical information required for the investigation. This has raised serious concerns about the company’s security practices and its role in the cyberattack on WazirX.
The chargesheet filed by the Delhi Police highlights Liminal’s lack of cooperation, which has hindered efforts to fully trace the cybercriminals behind the WazirX crypto heist. As the investigation continues, authorities have stated that they will address Liminal’s involvement in a supplementary chargesheet. The investigation into the crypto heist on WazirX is still ongoing, with the police working to uncover the full scope of the breach and identify other potential individuals involved in the operation.
Seizures and Investigations
In their investigation, Delhi Police have seized three laptops from WazirX, which were used by authorized signatories for approving transactions through multi-sig wallets. Multi-sig wallets require multiple keys for transaction approval, which adds an extra layer of security to crypto exchanges. The seized laptops are expected to provide crucial data that could help trace the stolen funds and further uncover the individuals responsible for the attack.
WazirX has reportedly fully cooperated with the investigation, providing authorities with essential data such as KYC (Know Your Customer) details, transaction logs, and other relevant information to track the movement of the stolen funds. Despite the scale of the attack and the difficulties posed by the lack of cooperation from Liminal Custody, the police are determined to bring the criminals behind the WazirX cyberattack to justice.
The Aftermath of the WazirX Cyberattack
The WazirX crypto heist has exposed several vulnerabilities in the way cryptocurrency exchanges manage and secure user assets. While WazirX’s swift cooperation with authorities has been noted, the breach has raised broader concerns about the security protocols employed by digital asset exchanges. In particular, the role of third-party custody firms like Liminal Custody is under scrutiny, as their failure to comply with police requests has made it harder for investigators to get to the bottom of the incident.
The attack has not only affected WazirX but has also sent a warning signal to the broader cryptocurrency industry. Experts have called for stricter security measures and greater transparency in the management of digital asset exchanges. As the investigation into the WazirX cyberattack continues, the focus is now on uncovering the full extent of the heist and identifying any other potential suspects.