How is WazirX Working Towards Recovering Stolen Assets?

Simran Desuza - Aug 30 - Dev Community

Imagine you're cruising on a ship smoothly; everything is calm and clear. Then, out of nowhere, a rogue wave crashes over you.

That's exactly what happened to WazirX on July 18 when a massive cyberattack struck. Hackers breached the interface of their third-party wallet service provider, Liminal Custody, and stole $230 million in digital assets.

Despite the severity of the situation, WazirX has a history of resilience. From the day of the hack, WazirX has turned this crisis into a rallying point, launching a full-scale operation to recover the stolen assets.

May the force be with the WazirX team!

The Cyberattack: A Wake-Up Call

The attack came without warning, catching the crypto community by surprise.

Hackers managed to steal $230 million worth of digital assets from WazirX's multisig wallet, which was managed by Liminal Custody, one of the trusted, secure custody wallet service providers.

Hackers exploited vulnerabilities in Liminal's security, leading to unauthorized access to WazirX's multisig wallet and a substantial loss of assets.

The situation hit WazirX and Liminal Custody hard. WazirX jumped into action to control the damage and stop further losses. Meanwhile, Liminal Custody, their trusted partner, just played the blame game instead of stepping up and doing something about it.

Response to the Hack

WazirX’s Response:

WazirX's priority was to protect the remaining user assets and take precautionary measures by understanding the depth of the cyberattack.

They quickly issued a preliminary report to inform users and maintained transparency through regular updates.

As scammers tried to exploit the situation with phishing links and fake accounts, WazirX responded promptly on social media.

Additionally, they launched a bounty program, offering ethical hackers a reward of 10% of the recovered amount.

Liminal’s Response:

While WazirX was doing everything in its power, Liminal decided to simply point a finger and get away from this whole situation.

No response is also a response: that is the top thing Liminal Custody needs to understand.

How is Liminal so confident that there has been no breach of its infrastructure or UI without an actual forensic analysis? Are they hiding the truth? Is there some insider business?

Engaging the Community: Feedback and Communication

WazirX’s Steps:

The attack rattled the Indian crypto community, prompting WazirX to uphold its commitment to trust and transparency. The leadership team hosted a YouTube live session to address concerns and share their recovery strategy.

This session answered user questions and reassured the community that WazirX is taking every step to manage the situation.

Liminal’s Steps:

Until now, there has been NO clear communication about the recovery process or what exactly Liminal is doing. Simply posting a blog and a tweet does not help the community, and it raises further questions about the platform’s integrity.

Other Developments: The Road to Recovery

WazirX’s Efforts:

WazirX reached out to over 500 crypto exchanges to block and recover stolen assets.

They also proposed a socialized loss strategy to distribute the impact, though it met with some resistance. Committed to user feedback, WazirX reconsidered the situation and worked on finding alternative solutions.

Meanwhile, it continued collaborating with law enforcement agencies and filed an FIR in New Delhi to facilitate the investigation.

WazirX partnered with Mandiant Solutions, a Google subsidiary and a globally renowned cybersecurity and investigations firm, for forensic analysis. WazirX received a clean chit, with their laptops found to be uncompromised, reinforcing confidence in their security measures.

Liminal’s Efforts:

Liminal cleverly deleted a blog post about securing a $50 million insurance policy for its customer assets. The irony is that one of its users on X (formerly Twitter) pointed this out recently.

Awaited Announcements

WazirX:

WazirX suspended withdrawals and trading after the hack, causing anxiety among users about their INR and crypto assets. However, WazirX is now gradually allowing INR withdrawals in phases, offering some relief.

Liminal:

Users are still waiting for Liminal’s team to communicate clearly on the situation.

If they are not at fault, why is it taking so long for them to come out in public and address the situation?

A Commitment to Security and Trust

The cyberattack on WazirX's wallet was undoubtedly a challenging episode, but it also highlights the platform's resilience and determination to protect its users. Through swift action, transparent communication, and a focus on recovery, WazirX is working tirelessly to turn the tide and recover the stolen assets. The journey is far from over, but with continued efforts and the support of its community, WazirX is well on its way to restoring trust and emerging stronger than before.
