On July 18, Indian cryptocurrency exchange WazirX was hit by a cyber attack that led to the loss of over $230 million worth of digital assets from one of its wallets. The exchange responded by suspending normal trading activities and reporting the incident to Indian authorities and other crypto exchanges. The company also launched two bounty programs for ethical hackers who can help track, freeze and recover the stolen funds.

WazirX said the cyber attack was launched against a multi-signature wallet managed through the digital asset custody platform known as Liminal. Multi-signature wallets have a built-in security feature that requires multiple parties to sign off on transactions.

“Over $230M in cyberattacks have impacted our customers’ digital assets,” WazirX said in a blog post, adding that INR funds were not affected. The company vehemently denied that WazirX itself had been breached, and flatly dismissed rumors that it had been duped by a phishing attack.

The exchange also noted that it is “certain” that its hardware keys were not compromised, adding that an external forensics team would be engaged to further investigate the matter.

But Liminal said, after completing an investigation on its end, “It is clear that the hack originated from three compromised devices on WazirX’s end.”

Meanwhile, WazirX founder and CEO Nischal Shetty said the attack was possible only if there were four points of failure in the digital signature process.

Who is behind the hack?

WazirX has not yet disclosed the suspected parties or those responsible for the hack. However, reports have emerged that North Korean hackers are responsible for the incident.

Blockchain analytics platform Elliptic said that on-chain analysis and other information showed that “the hack was carried out by hackers affiliated with North Korea.”

In response to The Hindu’s questions about North Korean hackers, WazirX directed us to its blog and said it is working with law enforcement authorities to determine whether a known threat group could be behind this attack.

“This incident has affected the Ethereum multisig wallet, which contains ETH and ERC20 tokens. Other blockchain funds were not affected,” WazirX said in its official blog, explaining that about 45% (according to preliminary work) of crypto assets were affected by this attack.

The company has largely placed the blame on the process of securing multi-sig Ethereum wallets, and claimed that the vulnerability was not unique to WazirX.

How important is WazirX in the crypto sector?

WazirX calls itself India’s largest cryptocurrency exchange by volume. As of June 10, it reported total holdings of ₹4,203.88 crore, or USDT 503.64 million. Tether [USDT] is a stablecoin, a cryptocurrency that is denominated in US dollars but is not an official US currency.

When The Hindu tried to access WazirX’s public, real-time proof of reserves after the cyber attack, we were greeted by a notice saying that the page was under maintenance.

WazirX has received both positive and negative press in India. The Directorate of Enforcement (ED) froze the exchange’s assets in 2022 and criticised its operating procedures and its Know Your Customer (KYC) and Anti-Money Laundering (AML) norms.

“Encouraging obfuscation and with lax AML norms, it has actively assisted around 16 accused fintech companies in laundering the proceeds of crime using the crypto route. Hence, equivalent movable assets of Rs 64.67 crore held by WazirX were frozen under PMLA, 2002,” the ED said in a statement.

What about WazirX’s assets?

WazirX’s stolen assets are unlikely to be recovered soon. This is due to the nature of cryptocurrency itself, where assets can be easily mixed, transferred, exchanged and sent to anonymous wallets. If it is confirmed that North Korean hackers are behind the incident, the chances of recovering the assets are even slimmer.

CEO Shetty said on X on July 22 that a “small” portion of the stolen funds had been frozen but declined to provide further details. He added that most of the funds were not transferred from the attacker’s wallet.

North Korean hackers have stolen billions of dollars in crypto-assets in recent years, with the goal of circumventing various financial and economic sanctions.

WazirX is currently working to resume normal operations and plans to conduct an online poll to decide whether to resume trading on the platform.

While Indian exchanges have defended their security practices and pointed to the challenges of the crypto sector at large, more experienced crypto traders will be looking for action plans and accountability rather than emotional reassurances.

What is its bounty program?

WazirX has announced two reward programs: one to find out more about the stolen funds, and the other to recover them. Both programs are open to all, except employees of WazirX and their immediate family members.

Under the first program, WazirX will offer a reward of up to $10,000 to anyone who can provide the exchange with information that can help it freeze the funds. If the bounty hunter is unable to freeze the funds themselves, they must cooperate with WazirX by providing sufficient evidence to facilitate the process.

But “if the Participant fails to freeze the funds himself and/or fails to cooperate with WazirX to facilitate the freezing of funds, the Participant shall not be entitled to any reward,” the exchange said.

Another program, called White Hat Recovery, aims to recover funds. Participants are offered 10% of the amount recovered as a white hat incentive.

“The reward will be distributed only after the successful recovery of the stolen funds by WazirX. The said rewards will be payable in USDT or in the form of funds received at the discretion of WazirX,” the exchange noted.

The bounty programs are expected to run for the next three months.


