WazirX Offers $23M Bounty to Recover Stolen Crypto

Why Trust Techopedia
Key Takeaways

  • WazirX has launched a bounty program offering up to $23 million to aid asset recovery.
  • The Indian-based exchange is collaborating with over 500 exchanges, law enforcement, and blockchain experts.
  • The attack targeted a multisig wallet, resulting in a loss of $234 million.

WazirX has launched a bounty program to reclaim the $234 million stolen from its coffers in a sophisticated cyber attack last week.

To amplify recovery efforts, the exchange is also collaborating with multiple crypto entities and offering up to $23 million to bounty hunters whose tips lead to a successful recovery. 

WazirX’s Response to the Cyberattack

This significant increase from the initial $10,000 offer comes after criticism that the original bounty was too modest.

The bounty program will run for three months, with the possibility of extension based on progress and recovery requirements. Notably, the bounty has already garnered attention from prominent figures in the blockchain forensics community. 

Blockchain analytics firm Arkham reported that renowned crypto investigator ZachXBT has submitted valuable data to the breached exchange. 

The submission reportedly includes compelling evidence linking a Know Your Customer (KYC) verified deposit address to the entity behind the WazirX exploit.

Such information could prove instrumental in tracing the path of the stolen assets and potentially lead to the identification of the perpetrators.

WazirX Hack: What We Know So Far

On July 18, WazirX suffered a significant security breach targeting one of its multisig wallets. The exchange promptly suspended all withdrawals to prevent further losses, as it has also halted trading entirely. 

WazirX co-founder Nischal Shetty explained on social media platform X (formerly Twitter):

“The cyber attack theft has impacted our ability to maintain 1:1 collaterals with assets, and we’ve temporarily paused trading.”

In addition to suspending operations, WazirX has taken several immediate actions. The company filed a police complaint and reported the incident to the Financial Intelligence Unit (FIU) and CERT-In. 

The exchange has also reached out to over 500 platforms to block identified addresses associated with stolen funds and initiated discussions with blockchain forensic experts.

WazirX is taking a multi-pronged approach to address the cyberattack. The exchange is engaging blockchain forensic experts for continuous monitoring and support while collaborating with law enforcement agencies to identify and apprehend perpetrators.

The Indian exchange is also internally analyzing data to understand the full extent of the damage and seeking support from the broader Web3 ecosystem.

According to Shetty’s insights, the cyberattack targeted one of WazirX’s multisig wallets, which involves a complex process that bypassed multiple security layers.

Shetty clarified that no hardware keys from the WazirX team were compromised, and Liminal’s signing process is under detailed investigation.