BPOI Banner
WazirX Seeks 30-Day Moratorium to Restructure as Rival Sues for Locked Funds WazirX Seeks 30-Day Moratorium to Restructure as Rival Sues for Locked Funds

Bengal Man Arrested in Connection With $235 Million WazirX Hack

Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) division has arrested a man from West Bengal, in connection with a massive cyberattack on WazirX.

In July, the crypto industry witnessed the hack of India’s largest crypto exchange, WazirX. The exploit resulted in losses of approximately $235 million, with hackers targeting the platform’s hot and cold wallets.

The accused SK Mausad Alam is under custody for allegedly facilitating the WazirX heist by opening a fraudulent account on the exchange and selling it to a third party, which led to unauthorized access to the platform.

According to the chargesheet reviewed by Decrypt, Alam opened an account under the alias of Souvik Mondal and sold the credentials to someone called “M Hasan” via Telegram.

Delhi police disclosed how Alam was in contact with a “buyer of crypto accounts” who “offered him a good amount on getting crypto accounts of WazirX with credentials.”

In return for selling his credentials, Alam reportedly received “08 USDT in his Binance account,” per the chargesheet.

Police wrote in the chargesheet that during their investigation they found evidence that Alam had received crypto deposits worth $107,000 in the WazirX account created using his credentials.

The hackers’ modus operandi involved draining WazirX’s hot wallet of GALA tokens to force the exchange to transfer additional assets from its cold wallet.

This tactic ultimately granted the perpetrators access to WazirX’s multisignature wallet, police said, leading to the siphoning of crypto worth millions.

The attack on WazirX was initially attributed to North Korea-based hacker group Lazarus by cybersecurity firm Elliptic.

In the course of the probe, authorities seized three laptops they say were used by WazirX’s authorized signatories to approve transactions. However, initial forensic analysis did not reveal any unauthorized access to these devices.

Despite the severity of the breach, investigators found no evidence of unauthorized access to WazirX’s internal systems, confirming that the attack was carried out through external means.

The police stated WazirX cooperated fully with the authorities throughout the investigation, providing critical data such as KYC records and transaction logs.

Investigators said they faced challenges obtaining critical data from Liminal Custody, a third-party service provider responsible for securing the exchange’s cold wallets.

The chargesheet notes Liminal was non-cooperative, failing to provide logs that could help trace the money trail and identify other culprits involved in the scheme.

Following the hack, WazirX’s investigative report claimed the firm had “the malicious transaction was not sent to any of the destination addresses in the whitelisted addresses, which should have been prevented by Liminal.”

Liminal told Decrypt at that time the multi-signature smart contract wallet used in the attack was allegedly “created independently and further imported on the Liminal platform.”

The investigation is ongoing, with authorities expected to file a supplementary chargesheet once additional information from entities like Telegram and Liminal Custody is obtained.

Liminal Custody did not immediately respond to a request for comment from Decrypt.

Edited by Stacy Elliott.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.

Source link

Vismaya V

https://decrypt.co/291642/man-arrested-235-million-wazirx-hack

2024-11-14 13:05:44

bitcoin
Bitcoin (BTC) $ 95,839.68 1.12%
ethereum
Ethereum (ETH) $ 3,352.60 0.17%
tether
Tether (USDT) $ 0.999172 0.10%
xrp
XRP (XRP) $ 2.22 0.81%
bnb
BNB (BNB) $ 664.67 0.31%
solana
Solana (SOL) $ 186.13 2.19%
dogecoin
Dogecoin (DOGE) $ 0.320785 1.11%
usd-coin
USDC (USDC) $ 1.00 0.17%
cardano
Cardano (ADA) $ 0.908688 1.28%
staked-ether
Lido Staked Ether (STETH) $ 3,346.15 0.15%
tron
TRON (TRX) $ 0.247907 0.89%
avalanche-2
Avalanche (AVAX) $ 37.78 0.84%
chainlink
Chainlink (LINK) $ 23.12 4.30%
the-open-network
Toncoin (TON) $ 5.50 3.48%
wrapped-steth
Wrapped stETH (WSTETH) $ 3,976.56 0.39%
shiba-inu
Shiba Inu (SHIB) $ 0.000022 2.04%
sui
Sui (SUI) $ 4.41 1.14%
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 95,465.58 1.18%
stellar
Stellar (XLM) $ 0.364351 3.25%
polkadot
Polkadot (DOT) $ 7.06 1.49%
hedera-hashgraph
Hedera (HBAR) $ 0.266586 5.79%
hyperliquid
Hyperliquid (HYPE) $ 29.36 16.05%
weth
WETH (WETH) $ 3,351.02 0.21%
bitcoin-cash
Bitcoin Cash (BCH) $ 456.67 0.77%
leo-token
LEO Token (LEO) $ 9.40 0.92%
uniswap
Uniswap (UNI) $ 14.21 3.09%
litecoin
Litecoin (LTC) $ 104.27 4.96%
pepe
Pepe (PEPE) $ 0.000018 4.70%
wrapped-eeth
Wrapped eETH (WEETH) $ 3,534.69 0.22%
near
NEAR Protocol (NEAR) $ 5.18 3.70%
ethena-usde
Ethena USDe (USDE) $ 1.00 0.18%
bitget-token
Bitget Token (BGB) $ 4.14 0.40%
usds
USDS (USDS) $ 1.00 0.02%
aptos
Aptos (APT) $ 9.40 0.66%
aave
Aave (AAVE) $ 328.98 10.65%
internet-computer
Internet Computer (ICP) $ 10.25 2.18%
crypto-com-chain
Cronos (CRO) $ 0.157553 0.99%
polygon-ecosystem-token
POL (ex-MATIC) (POL) $ 0.487284 2.58%
mantle
Mantle (MNT) $ 1.20 3.56%
ethereum-classic
Ethereum Classic (ETC) $ 26.72 2.64%
vechain
VeChain (VET) $ 0.047049 3.95%
render-token
Render (RENDER) $ 7.28 3.20%
monero
Monero (XMR) $ 191.90 1.93%
mantra-dao
MANTRA (OM) $ 3.72 3.23%
whitebit
WhiteBIT Coin (WBT) $ 24.48 1.06%
bittensor
Bittensor (TAO) $ 466.19 2.76%
dai
Dai (DAI) $ 1.00 0.01%
fetch-ai
Artificial Superintelligence Alliance (FET) $ 1.30 3.18%
arbitrum
Arbitrum (ARB) $ 0.770173 3.13%
ethena
Ethena (ENA) $ 1.08 5.69%