In a significant development for the Indian cryptocurrency landscape, the Delhi Police have arrested SK Masud Alam from West Bengal in connection with a major hack on the WazirX cryptocurrency exchange. According to reports from India Today, this cyber theft, which occurred in July, resulted in the loss of virtual currencies valued at approximately Rs 2,000 crore ($230 million), accounting for a substantial 45% of the exchange’s total assets.
Details of the Alleged Hack
The investigation centers around allegations that Alam executed the unauthorized transactions using a WazirX account created under the alias ‘Souvik Mondal’. This account was reportedly used to sell digital assets through Telegram to another individual, M Hasan, who allegedly utilized the platform for illicit activities. The breach targeted both the WazirX hot wallet and its cold wallet, which serves as offline storage for a majority of funds.
Internal Manipulation and Investigation Findings
The IFSO division, tasked with probing the incident, has yet to uncover any external malicious attacks on WazirX systems, suggesting that the breach may have involved internal manipulation by multiple parties. This revelation underscores the complexity and sophistication of the hack, requiring thorough investigation and analysis to bring all culprits to justice.
Role of Liminal Custody and the Security Gaps
Liminal Custody, responsible for managing WazirX digital wallets, has come under scrutiny during the investigation. The police claim that the custody solutions firm was uncooperative, failing to provide crucial information despite numerous requests. This lack of cooperation has reportedly hindered the progress of the investigation. The Delhi Police continue to examine Liminal’s incident management protocols and response mechanisms, with further clarifications expected in a forthcoming chargesheet.
WazirX’s Response and Cooperation with Authorities
In response to the investigation, WazirX has provided Know Your Customer (KYC) documents and transaction details to regulators, who are working to assess the extent and methodology of the hack. As digital assets become increasingly integral to India’s financial ecosystem, the establishment of robust security infrastructure and legal frameworks is essential to prevent similar incidents in the future.
Implications for the Indian Cryptocurrency Sector
This incident highlights the growing pains of the Indian cryptocurrency sector as it grapples with security challenges and regulatory scrutiny. The outcome of this investigation could have significant implications for how digital asset exchanges operate and are regulated in the country. Ensuring the security of digital assets and maintaining user trust will be key priorities for exchanges like WazirX moving forward.
