The accused allegedly opened a WazirX account under a fictitious name and sold it via Telegram to another individual, who then allegedly used it to infiltrate the crypto exchange.
The Delhi Police has detained a man in connection with the cyberattack on cryptocurrency exchange firm, WazirX, which resulted in losses of roughly Rs 2,000 crore in digital assets. The accused, SK Masud Alam, a citizen of West Bengal, had set up a bogus account to facilitate the cyberattack.
Alam was detained by Delhi Police’s Special Cell from West Bengal’s East Midnapore district. His arrest is considered as a breakthrough in the case, as detectives continue to unravel the complicated network of crypto transactions involved.
In a chargesheet issued by the Delhi Police, Alam is accused of opening a WazirX account under the name Souvik Mondal and selling it via Telegram to another individual, M Hasan, who then reportedly used it to penetrate the crypto exchange. The chargesheet also mentioned the alleged non-cooperation of Liminal Custody, a digital asset custody solutions provider responsible for securing WazirX’s wallets, in the case.
The inquiry, conducted by Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) section, revolves around the hacking of WazirX’s platform. Cybercriminals allegedly depleted WazirX’s hot wallet, followed by an attack on the cold wallet, which retains cash offline with enhanced security measures.
In the course of the probe, Delhi Police attempted to acquire important information from Liminal Custody. Despite several reminders, the chargesheet discloses that Liminal failed to deliver necessary details, raising doubts regarding its security protocols and accountability.
Police highlighted that Liminal’s lack of cooperation impeded efforts to identify the whole chain of events behind the large crypto crime. The chargesheet noted that Liminal’s role will be further addressed in a supplementary chargesheet as the inquiry develops.
To explore the alleged exploitation of multi-sig wallets (using multiple keys to approve bitcoin transactions), investigators seized three laptops from WazirX that were used by authorised signatories for approving the transactions. As to the chargesheet, WazirX has completely cooperated with authorities, supplying key data such as KYC details and transaction logs.
The inquiry, aided by the Indian Cyber Crime Coordination Centre (IFSO), revealed no indication of unauthorised access to WazirX’s systems, either locally or remotely.
ABOUT WAZIRX CYBERATTACK
The WazirX incident happened on July 18, resulting in the theft of about $230 million (about Rs 2,000 crore) in digital assets. The hack involved a multi-sig wallet with six signatories, five from WazirX and one from Liminal Custody.
The security incident led to WazirX losing roughly 45 per cent of its holding assets.
WazirX allows customers to purchase, sell, and exchange multiple cryptocurrencies like Bitcoin, Ethereum and others. Launched in 2018, it provides a platform for spot trading, staking, and peer-to-peer transactions and includes features including a native utility token (WRX) and interaction with Binance, a worldwide cryptocurrency exchange.
Leave a Reply