A recent investigation into a $235 million hack at the WazirX cryptocurrency exchange has led to the arrest of a suspect from Bengal. According to the Delhi Police chargesheet, the breach was not due to internal vulnerabilities.
Chargesheet Details
The Delhi Police chargesheet clarified that the breach did not result from vulnerabilities within WazirX’s systems but was instead initiated through a fake account sold via Telegram to a third party. The hackers accessed WazirX’s multisignature wallet, depleting it of crypto tokens valued at $235 million. The suspect was thought to be part of a well-organized gang of hackers who opened a fictitious account on the platform.
Independent Security Validation
An independent review by IFSO validated that WazirX’s systems were not compromised, affirming the exchange’s stance on the robustness of its security framework. However, the investigation faced challenges due to delays in cooperation with third-party services responsible for managing the Indian exchange’s digital assets.
WazirX's Response to Allegations
Liminal Custody, WazirX’s digital custody partner, accused the exchange of running a disinformation campaign to shift the blame onto them. Their statement highlighted that despite the accusations, WazirX retained over $175 million in assets on its platform 75 days post-breach.
The investigation is ongoing, and how the responsibilities between WazirX and its third-party partners will be distributed remains uncertain, but the arrest of the suspect from Bengal may bring a significant new twist to the case.
