Delhi Police Arrests West Bengal Man in ₹2,000 Crore WazirX Hack

In a significant breakthrough in the high-profile cyberattack on cryptocurrency exchange WazirX, Delhi Police have arrested SK Masud Alam from East Midnapore, West Bengal. The attack, which occurred in July, resulted in a staggering loss of nearly Rs2,000 crore in digital assets.

The suspect, SK Masud Alam (33), is accused of playing a pivotal role in the attack by creating a fake account under the name Souvik Mondal. This fraudulent account was allegedly sold to another individual, M Hasan, via Telegram, who used it to gain unauthorized access to WazirX’s platform.

Alam’s arrest was executed by Delhi Police’s Special Cell, marking a critical development in the investigation. The authorities continue to unravel the complex web of crypto transactions that were part of the attack, which targeted WazirX’s hot wallet. This wallet contained a significant portion of WazirX’s crypto assets, and the breach caused extensive financial damage.

The chargesheet filed by Delhi Police indicates that Alam’s fake account was a key facilitator of the hack. After infiltrating the platform, the attackers attempted to access WazirX’s cold wallet, which typically offers higher security layers and stores funds offline. While the hot wallet was compromised, the cold wallet’s advanced protection mechanisms are believed to have prevented a larger breach.

In a surprising twist, the chargesheet implicates Liminal Custody, the firm responsible for securing WazirX’s wallets, for allegedly failing to fully cooperate with the investigation. Liminal reportedly ignored several official requests for critical information, raising questions about the firm’s security practices and transparency during the investigation. The chargesheet also notes that Liminal’s involvement in the breach will be further examined in a supplementary report.

Investigators have also seized three laptops belonging to WazirX’s authorized signatories in an attempt to explore potential misuse of the platform’s multi-signature wallet. This multi-signature wallet, which requires multiple authorizations for transactions, was a key point of interest in the probe. While the investigation is ongoing, WazirX has been fully cooperative, providing essential data such as KYC information and transaction logs. Importantly, no evidence has yet been found of unauthorized access to WazirX’s internal systems, either remotely or locally.

The July 18 breach led to a loss of over $230 million (Rs2,000 crore) in digital assets, affecting 45% of WazirX’s assets. The attack compromised a multi-signature wallet with six signatories, five of whom were affiliated with WazirX, and one from Liminal Custody. Despite the massive loss, there has been no indication of WazirX’s systems being compromised, prompting further scrutiny into the involvement of third-party custodians like Liminal.

WazirX, founded in 2018, is one of India’s largest cryptocurrency exchanges, providing services for buying, selling, and trading digital currencies like Bitcoin and Ethereum. The platform also offers spot trading, staking, peer-to-peer transactions, and has a native token, WRX, as well as integration with Binance, one of the world’s largest cryptocurrency exchanges.

As the investigation continues, Delhi Police are working on tracing other suspects involved in the scheme, and authorities are advising cryptocurrency platforms to strengthen security protocols to prevent similar breaches in the future.

Related posts

Ilya Lichtenstein Sentenced to 5 Years for $10.5B Bitcoin Hack

Gary Wang Develops Fraud-Detection Tool to Aid Prosecutors

Trung Nguyen Convicted for Operating Unlicensed Bitcoin Exchange and Money Laundering Scheme

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More