Ransomware

WazirX Cyberattack Update: $230M Theft And Recovery Operation

The WazirX cyberattack compromised asset collateralization, prompting swift police complaints filed via the National Cyber Crime Reporting Portal to Indian authorities, including FIU and CERT-In.

by Ashish Khaitan July 22, 2024

Share on LinkedInShare on Twitter

In response to the recent WazirX cyberattack that led to the theft of $230 million from one of its multisig wallets, WazirX — India’s largest cryptocurrency exchange — has temporarily paused trading on its platform. This follows an earlier suspension of withdrawals after hackers compromised the wallet’s private keys.

To recover the funds lost in the WazirX cyberattack, the company has also launched a Bounty Program, offering significant rewards for valuable information and assistance in retrieving the stolen assets. In a social media post, the company announced the launch of its bounty program.

According to the official release, the initiative invites the community to participate through two key bounty opportunities. The first, “Track & Freeze,” offers rewards of up to $10,000 in USDT for actionable intelligence that leads to freezing the stolen funds. The second, “White Hat Recovery,” offers a 10% reward of the recovered amount, with a maximum of $23 million, to white hat hackers who assist in recovering the stolen assets.

This bounty program will be active for three (3) months from the date of this announcement. However, the duration of the program may be adjusted—either extended or shortened—based on evolving needs and results, with or without prior notice to participants, the release stated.

The bounty program is open to all individuals except current and former WazirX employees and their immediate family members. To qualify, participants must provide detailed submissions, including addresses, transactions, and tracking and recovery methodologies. Additionally, all participants are required to maintain confidentiality and refrain from sharing any information with third parties.

The social media post concluded with the statement: “Your expertise and collaboration are essential in our efforts to secure and recover the stolen funds.”

Mitigation Measures for the WazirX Cyberattack

Following the cyberattack on WazirX, the company has implemented several immediate and comprehensive measures to address the situation. The exchange has filed an online complaint via the National Cyber Crime Reporting Portal and is in the process of submitting a physical complaint. Additionally, WazirX reported the incident to the Financial Intelligence Unit (FIU) India and CERT-In.

Further, WazirX has reached out to over 500 exchanges to block the identified addresses linked to the theft, with many exchanges cooperating and assisting in the recovery efforts. The company is also engaging with cybersecurity experts to support its investigation and recovery initiatives.

To ensure asset safety, WazirX has temporarily suspended INR and cryptocurrency deposits and withdrawals. In addition, all trading activities have been paused to allow for a thorough examination of affected systems, forensic data, and a comprehensive security audit. This decision, prompted by concerns over the partial collateralization of assets, will enable the exchange to thoroughly examine affected systems, conduct forensic analysis, and conduct a rigorous security audit.

WazirX Cyberattack: A Major Blow to the Crypto Community

WazirX is actively engaged in analyzing forensic data and working with experts to determine effective recovery strategies. This significant breach has had a major impact, affecting numerous users and raising serious concerns about the security of digital assets.

While WazirX has assured users that their safety and security are top priorities as they deal with this complex situation, the cyberattack has once again brought attention to the vulnerabilities in the digital asset space. This incident highlights the ongoing need for stronger security measures in the cryptocurrency world.

WazirX has started tracking and blocking some of the stolen funds, but details about these efforts are not yet available. The company has promised to keep users updated regularly and address any new concerns that come up.

This story is still developing, and The Cyber Express will keep you informed with the latest updates as more information becomes available.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button