Key Takeaways
Police say the hack was executed through a fake account sold via Telegram to a third party who exploited it.
Reportedly, Liminal Custody did not provide the necessary information to law enforcement, while WazirX did.
Delhi Police have made a significant breakthrough in the investigation of the $235 million hack of India-based crypto exchange WazirX, arresting SK Masud Alam from West Bengal.
The arrest was made by the Special Cell of the Delhi Police after a detailed probe conducted by the Intelligence Fusion and Strategic Operations (IFSO) unit. According to the police, Alam allegedly set up a fraudulent account under the name “Souvik Mondal” on WazirX. Investigators found that this account was later sold via Telegram to a buyer identified as M Hasan, who then used it to execute the multi-million dollar hack.
The cyberattack, which occurred on July 18, targeted WazirX’s hot wallet. The attackers attempted to gain access to the cold wallet. This breach is one of the largest reported in the Indian cryptocurrency sector, affecting roughly 45% of the total assets held by WazirX.
During the probe, the police recovered three laptops from WazirX, which were used by the company’s authorized signatories for multi-signature (multi-sig) wallet transactions. A multi-sig wallet requires multiple approvals to authorize any transaction, adding an extra layer of security. However, the police noted that the attack might have been facilitated internally, as there were no signs of unauthorized remote access.
A significant point of contention in the investigation has been the alleged non-cooperation from Liminal Custody, the digital asset custody firm responsible for managing WazirX’s wallets. Despite receiving multiple requests from law enforcement, Liminal Custody reportedly did not provide the necessary information, hindering efforts to fully trace the stolen funds.
WazirX, meanwhile, has cooperated with the investigation and has shared crucial data, including Know Your Customer (KYC) details, hardware and transaction logs. The exchange has outlined a recovery plan, aiming to reopen its trading platform to help recoup losses. WazirX intends to use the trading fees generated to reimburse affected creditors and has also announced plans to introduce new services like a decentralized exchange (DEX) and staking options. The investigation is ongoing.