Tech
WazirX Crypto Exchange Hack and Its Bounty Program: What Does It Mean for Crypto Investors in India?
On July 18, India Cryptocurrency exchange WazirX has been hit by a cyber attack which resulted in the loss of over $230 million worth of digital assets from one of its wallets. The exchange responded by suspending regular trading and reporting the incident to Indian authorities and other cryptocurrency exchanges. The company also launched two reward programs for ethical hackers who can help the exchange trace, freeze, and recover stolen funds.
WazirX said there was a cyberattack on a multi-signature wallet operated through a digital asset custodian service known as Liminal. Multi-signature wallets have a built-in security feature that requires multiple parties to sign transactions.
“The impact of the cyberattack is over $230 million on our clients’ digital assets,” WazirX said in a blog post, adding that INR funds were not affected. The company has firmly denied that WazirX itself was hacked and has brushed aside rumors that it was tricked by a phishing attack.
The exchange also noted that it was “certain” that its hardware keys had not been compromised, adding that an external forensic team would be tasked with investigating the matter further.
But Liminal, after completing its investigation, said: “It is clear that the genesis of this hack stems from three devices compromised by WazirX.”
Meanwhile, WazirX founder and CEO Nischal Shetty said that the attack would have been possible only if there were four points of failure in the digital signature process.
Who is behind the cyber attack?
WazirX has not yet disclosed the suspected parties or perpetrators responsible for the hack. However, news reports have emerged that North Korean hackers were responsible for the incident.
On-chain analytics and other information indicate “that this attack was perpetrated by hackers affiliated with North Korea,” blockchain analytics platform Elliptic said.
In response to The Hindu’s questions to WazirX about the North Korean hackers, cryptocurrency exchange WazirX directed us to its blog and said it was working with law enforcement to investigate whether a known malicious group was behind the attack.
“This incident affected the Ethereum multisig wallet, which consists of ETH and ERC20 tokens. Other blockchain funds are not affected,” WazirX said in its official blog, specifying that approximately 45% (according to preliminary work) of cryptocurrencies were affected by the attack.
The company largely placed the blame on the process of securing Ethereum multisig wallets and said that the vulnerability was not unique to WazirX.
How important is WazirX in the cryptocurrency industry?
WazirX calls itself India’s largest cryptocurrency exchange by volume. As of June 10, it reported total holdings of ₹4,203.88 Crores, or 503.64 million USDT. Tether [USDT] It is a stablecoin, that is, a cryptocurrency pegged to the value of the US dollar, but it is not an official currency of the United States.
When The Hindu tried to access WazirX Public and Real-Time Reserve Proof After the hack, we were notified that the page was under maintenance.
WazirX has received both positive and negative reviews in India. The Enforcement Directorate froze the exchange’s assets in 2022, criticizing its operating procedures and lax Know-Your-Customer (KYC) and Anti-Money Laundering (AML) regulations.
“By encouraging obscurity and adopting lax AML norms, it has actively assisted around 16 accused fintech companies in laundering proceeds of crime using the cryptocurrency route. Accordingly, equivalent movable assets amounting to Rs 64.67 Crore in possession of WazirX have been frozen under the PMLA, 2002,” the ED said in a statement.
What will happen to WazirX assets?
It is unlikely that the stolen WazirX assets will be fully recovered anytime soon. This is due to the very nature of cryptocurrency, where assets can be easily mixed, transferred, converted, and sent to anonymous wallets. The chances of asset recovery are even slimmer if it is confirmed that North Korean hackers are behind the incident.
CEO Shetty said on X on July 22 that “small” portions of the stolen funds had been frozen, but declined to provide further details. He added that the majority of the funds had not been moved from the attacker’s wallet.
In recent years, North Korean hackers have stolen billions of dollars in cryptocurrency, aiming to circumvent various financial and economic sanctions.
WazirX is currently working to resume normal operations and has planned to launch an online survey to decide how to resume trading on the platform.
While the Indian exchange has defended its security practices and highlighted the challenges facing the cryptocurrency industry as a whole, savvy crypto traders will be looking for action plans and accountability, rather than emotional reassurance.
What does your rewards program consist of?
WazirX has announced two reward programs: one to gain more information about stolen funds, and the other to recover them. Both programs are open to everyone except WazirX employees and their immediate families.
Under the first program, WaxirX will reward up to $10,000 to anyone who can provide trading information that can help them freeze the funds. If the bounty hunter is unable to freeze the funds on their own, they should work with WazirX by providing enough evidence to facilitate the process.
But “if the participant fails to freeze and/or does not cooperate with WazirX to facilitate the freezing of funds, then the participant will not be entitled to any rewards,” the exchange said.
The second program, called White Hat Recovery, is aimed at recovering funds. Participants are offered 10% of the recovered amount as a white hat incentive. “This reward will be paid only after and subject to WazirX successfully receiving the stolen amount. Such rewards will be payable in USDT or in the form of recovered funds at WazirX’s sole discretion,” the exchange noted.
The bounty programs are expected to last for the next three months.