- WazirX files a formal police case after a major wallet attack where $234.9M was stolen.
- The attack exploited a key multi-signature wallet.
- In response, other exchanges have stepped up their own security features.
WazirX filed a First Information Report (FIR) with the Delhi Police, marking a crucial step toward addressing the breach it suffered in mid-July and recovering the stolen funds. The investigation is being handled by Dehli Police’s Intelligence Fusion & Strategic Operations (IFSO) unit.
📢 Important Update: FIR filed
Based on a complaint filed by us in connection with the Cyber attack on our multisig wallet, the police has taken cognizance of the matter and a FIR under BNS & IT Act has been registered on 5th August 2024 at PS Special Cell, PS Lodhi Colony, New… pic.twitter.com/umAkkEzv7E
— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) August 6, 2024
Let’s unpack the cyberattack and how the market has responded.
What Happened With the Cyber Attack
On July 18, 2024, Indian cryptocurrency exchange WazirX experienced a significant security breach, resulting in the theft of approximately $234.9M. The stolen assets included Shiba Inu ($SHIB), Ether ($ETH), Matic ($MATIC), and Pepe ($PEPE).
The breach primarily affected their multi-signature wallet, which was operated in collaboration with Liminal, their wallet infrastructure provider.
The filing of the FIR received mixed reactions from the community. Many questioned why the filing had taken so long – over two weeks after the initial attack. Others acknowledged the complexity of the investigation process.
WazirX co-founder Nischal Shetty emphasized their commitment to transparency and recovery efforts.
What The Analysis Revealed
WazirX’s initial investigation revealed no evidence of compromise within their own infrastructure, suggesting that the breach likely originated from Liminal. There were conflicting reports from both parties; each pointed to the other as the source of the security lapse.
Liminal later published a report to support its own security measures, highlighting the extremely sophisticated nature of the exploit, which leveraged an externally created wallet.
Our preliminary investigation points to a customer- level compromise via a sophisticated intrusion.Liminal blog
Adding to the complexity, some experts and blockchain analysis firms, such as Elliptic, have suggested that North Korean hackers may be behind the breach.
The possibility of the involvement of a high-level state-affiliated team raises concerns over the future of cryptocurrency exchanges amid attacks that are growing more mature.
The Market Responded Quickly To Counter Any After Effects
Mature attacks provoke mature responses. $5.43B Shiba Inu ($SHIB) was stolen in the attack, and $SHIB holders promptly increased the burn rate by over 400% to counter any dumping of $SHIB tokens by the attacker.
On the exchange side, CoinDCX, the leading Indian crypto exchange, created a $5.9M Crypto Investors Protection Fund (CIPF). The CPIF, entirely financed by CoinDCX, will safeguard its users’ assets in the event of similar security incidents.
1/ 🚨 Announcing a new First for Indian Crypto Exchanges: CoinDCX’s INR 50 Crore Crypto Investors Protection Fund (CIPF)@smtgpt, @mri_gup, I, and the entire 500+ team at @CoinDCX work hard to provide the best investing and trading experience and also ensure everyone’s funds are… pic.twitter.com/kbcp1anX7J
— Neeraj Khandelwal (@neerajKh_) August 7, 2024
The CPIF aims to set higher security standards within the Indian crypto ecosystem while defending against increasingly sophisticated attacks.
Final Thoughts
Both the Indian crypto market and the broader crypto economy responded swiftly to the WazirX exploit. The FIR report indicates the ongoing efforts to identify the perpetrators of the attack and, if possible, retrieve the stolen assets. The reactions also indicate the growing maturity of the crypto market in the face of increasingly sophisticated cyber attacks.
References
Click to expand and view sources
Disclaimer: The opinions expressed in this article do not constitute financial advice. We encourage readers to conduct their own research and determine their own risk tolerance before making any financial decisions. Cryptocurrency is a highly volatile, high-risk asset class.
Our Editorial Process
The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.