Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) division has arrested a man from West Bengal, in connection with a massive cyberattack on WazirX.
In July, the crypto industry witnessed the hack of India’s largest crypto exchange, WazirX. The exploit resulted in losses of approximately $235 million, with hackers targeting the platform’s hot and cold wallets.
The accused SK Mausad Alam is under custody for allegedly facilitating the WazirX heist by opening a fraudulent account on the exchange and selling it to a third party, which led to unauthorized access to the platform.
According to the chargesheet reviewed by Decrypt, Alam opened an account under the alias of Souvik Mondal and sold the credentials to someone called “M Hasan” via Telegram.
WazirX Recovery Impacted as Hackers Keep Sending Ethereum Through Tornado Cash
The WazirX crypto exchange hackers have nearly completed their efforts to launder the $230 million haul through coin mixer Tornado Cash, throwing a wrench into the efforts to recover funds for affected users. Hackers have moved 15,000 ETH (nearly $40 million today) since Monday night across scores of transactions. The development followed the High Court of Singapore granting the Indian crypto exchange WazirX a four-month moratorium to restructure its liabilities following the midsummer hack of m...
Delhi police disclosed how Alam was in contact with a "buyer of crypto accounts" who "offered him a good amount on getting crypto accounts of WazirX with credentials."
In return for selling his credentials, Alam reportedly received "08 USDT in his Binance account," per the chargesheet.
Police wrote in the chargesheet that during their investigation they found evidence that Alam had received crypto deposits worth $107,000 in the WazirX account created using his credentials.
The hackers’ modus operandi involved draining WazirX's hot wallet of GALA tokens to force the exchange to transfer additional assets from its cold wallet.
This tactic ultimately granted the perpetrators access to WazirX’s multisignature wallet, police said, leading to the siphoning of crypto worth millions.
WazirX Loses $230 Million in Suspected DPRK Hack
The attack that caused WazirX, the largest crypto exchange in India, to lose more than $230 million has been attributed to North Korea-based actors by cybersecurity firm Elliptic. Meanwhile, WazirX has published its own analysis of the exploit in a July 18 preliminary incident report and on Friday morning wrote on Twitter that it has filed a police report. WazirX explained in its report that the incident saw one of the firm's multi-signature wallets send funds to a non-whitelisted address. The f...
The attack on WazirX was initially attributed to North Korea-based hacker group Lazarus by cybersecurity firm Elliptic.
In the course of the probe, authorities seized three laptops they say were used by WazirX’s authorized signatories to approve transactions. However, initial forensic analysis did not reveal any unauthorized access to these devices.
Despite the severity of the breach, investigators found no evidence of unauthorized access to WazirX's internal systems, confirming that the attack was carried out through external means.
The police stated WazirX cooperated fully with the authorities throughout the investigation, providing critical data such as KYC records and transaction logs.
WazirX Sets Aside $12 Million to Recover Stolen Crypto, Pay Legal Costs
WazirX has set aside millions of dollars to cover legal costs related to the theft of hundreds of millions of dollars in crypto after a cyberattack in July brought the Indian exchange to its knees. On Wednesday, Singapore-based Zettai Pte Ltd, the holding company of WazirX, filed an affidavit with the High Court of Singapore, requesting a 30-day moratorium to facilitate discussions with investors and creditors to stabilize the platform. The moratorium, if granted, is seen as essential for ensur...
Investigators said they faced challenges obtaining critical data from Liminal Custody, a third-party service provider responsible for securing the exchange’s cold wallets.
Following the hack, WazirX’s investigative report claimed the firm had “the malicious transaction was not sent to any of the destination addresses in the whitelisted addresses, which should have been prevented by Liminal.”
WazirX Moved $75M to Global Exchanges After Hack: CoinSwitch Co-Founder
The co-founder of Indian crypto exchange CoinSwitch has accused rival exchange WazirX of transferring $75 million worth of user funds to global exchanges Bybit and KuCoin in the aftermath of a July 2024 cyberattack. Ashish Singhal made the allegation as CoinSwitch released a public dashboard tracking wallet activities based on WazirX’s recent wallet disclosure. Making sense of WazirX’s wallet disclosure for users Crypto exchange WazirX — which allegedly faced a cyberattack in July 2024 — has re...
Liminal told Decrypt at that time the multi-signature smart contract wallet used in the attack was allegedly “created independently and further imported on the Liminal platform.”
The investigation is ongoing, with authorities expected to file a supplementary chargesheet once additional information from entities like Telegram and Liminal Custody is obtained.
Liminal Custody did not immediately respond to a request for comment from Decrypt.
Editor's note: Story updated for clarity
Edited by Stacy Elliott.
