WazirX has launched a bounty program to reclaim the $234 million stolen from its coffers in a sophisticated cyber attack last week.
To amplify recovery efforts, the exchange is also collaborating with multiple crypto entities and offering up to $23 million to bounty hunters whose tips lead to a successful recovery.
WazirX’s Response to the Cyberattack
This significant increase from the initial $10,000 offer comes after criticism that the original bounty was too modest.
The total bounty has been updated to $23M thanks @zachxbt for the suggestion 🙏 https://t.co/qzaqwAuLod
— Nischal (Shardeum) 🔼 (@NischalShetty) July 21, 2024
The bounty program will run for three months, with the possibility of extension based on progress and recovery requirements. Notably, the bounty has already garnered attention from prominent figures in the blockchain forensics community.
Blockchain analytics firm Arkham reported that renowned crypto investigator ZachXBT has submitted valuable data to the breached exchange.
This bounty has been solved by ZachXBT@ZachXBT submitted definitive evidence of a KYC-linked deposit address used by the exploiter to receive funds from the WazirX exploit. This fulfills one of the criteria of the bounty – ‘Identifying a KYC centralized exchange deposit’.
This… https://t.co/6rerMi65zC
— Arkham (@ArkhamIntel) July 18, 2024
The submission reportedly includes compelling evidence linking a Know Your Customer (KYC) verified deposit address to the entity behind the WazirX exploit.
Such information could prove instrumental in tracing the path of the stolen assets and potentially lead to the identification of the perpetrators.
WazirX Hack: What We Know So Far
On July 18, WazirX suffered a significant security breach targeting one of its multisig wallets. The exchange promptly suspended all withdrawals to prevent further losses, as it has also halted trading entirely.
WazirX co-founder Nischal Shetty explained on social media platform X (formerly Twitter):
“The cyber attack theft has impacted our ability to maintain 1:1 collaterals with assets, and we’ve temporarily paused trading.”
📢 Trading has been temporarily paused
The cyber attack theft has impacted our ability to maintain 1:1 collaterals with assets, and we've temporarily paused trading.
We're conducting thorough forensic data examination and security audit procedures and working to enable…
— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) July 21, 2024
In addition to suspending operations, WazirX has taken several immediate actions. The company filed a police complaint and reported the incident to the Financial Intelligence Unit (FIU) and CERT-In.
The exchange has also reached out to over 500 platforms to block identified addresses associated with stolen funds and initiated discussions with blockchain forensic experts.
WazirX is taking a multi-pronged approach to address the cyberattack. The exchange is engaging blockchain forensic experts for continuous monitoring and support while collaborating with law enforcement agencies to identify and apprehend perpetrators.
The Indian exchange is also internally analyzing data to understand the full extent of the damage and seeking support from the broader Web3 ecosystem.
According to Shetty’s insights, the cyberattack targeted one of WazirX’s multisig wallets, which involves a complex process that bypassed multiple security layers.
The WazirX hack was not due to a Phishing link.
3 signatures of WazirX from 3 different devices that each use different hardware wallets were used. All 3 devices were at different locations and the links were bookmarked.
Even if we assume that all 3 WazirX devices ended up… https://t.co/u0p9vKI7WR
— Nischal (Shardeum) 🔼 (@NischalShetty) July 21, 2024
Shetty clarified that no hardware keys from the WazirX team were compromised, and Liminal’s signing process is under detailed investigation.