Indian authorities arrest suspect linked to $230 million WazirX hack

Police in India have reportedly taken a suspect into custody in connection with the high-profile attack on crypto exchange WazirX.

The arrest comes nearly four months after the incident, which led to the loss of more than $230 million in crypto, was first reported.

Two suspects have been identified

According to local news sources, the arrest took place in West Bengal’s East Midnapore district. The suspect, identified as SK Masud Alam, is alleged to have created an account on WazirX with the alias “Souvik Mondal”, and then sold it on Telegram to an accomplice named M. Hassan.

Alam’s alleged partner in crime is said to have used the account as a conduit to launch the attack on the Mumbai-based exchange, targeting its crypto storage systems.

Detectives from the Intelligence Fusion and Strategic Operations (IFSO) division of the Delhi Police, who conducted the investigation, revealed that the suspects first breached the platform’s hot wallet. They then tried to compromise the exchange’s cold storage wallet, which is generally more secure because its signing keys are kept offline.

To unravel the complex trail of transactions surrounding the heist, detectives seized three laptops used by key signatories of the exchange’s multi-sig wallets. Investigators want to determine how these devices may have been exploited or bypassed during the attack.

Alam’s charge sheet, reported by India Today, described the challenges investigators faced in their pursuit of the perpetrators, particularly the lack of cooperation from Liminal Custody, the custodian that had been responsible for securing WazirX’s wallets.

According to authorities, Liminal failed to provide crucial information despite repeated requests, raising questions about its adherence to security protocols and its operational transparency. Detectives also suggested that the custodian’s role in the WazirX breach could come under further scrutiny as new findings emerge.

The report noted that WazirX, unlike Liminal, has so far cooperated fully with the investigation, providing police with key data, including know-your-customer (KYC) details and full transaction records. Authorities say these have been instrumental in reconstructing the events leading up to and following the incident.

The findings differ from the claims of forensic analysts

Alongside law enforcement, WazirX engaged several blockchain forensics experts to help identify the individuals responsible for the breach.

Some analysts had previously claimed that North Korean hackers were behind the WazirX attack. Elliptic, a blockchain analytics firm, said its analysis of the exploit’s patterns and techniques pointed to the involvement of North Korean actors.

Well-known crypto researcher ZachXBT echoed those sentiments, stating in a July 18 post on X that the attack had “the potential hallmarks of a Lazarus Group attack.”

The group, linked to the Pyongyang regime, has been accused of stealing more than $3 billion from the crypto industry over the past six years, including $600 million from the Ronin Bridge.
