After four months of investigation, the Delhi Police’s Special Cell has arrested SK Masud Alam, a resident of West Bengal, for setting up a fake account that led India’s largest crypto exchange, WazirX, to lose over $234 million in user funds to a hack.
Alam’s arrest marks significant progress in the WazirX hack investigation. It will make it easier for the authorities in charge to identify other entities involved in one of the largest institutional crypto thefts of the year.
Fake WazirX Account
According to a local media platform, India Today, Alam opened a fake WazirX account named Souvik Mondal. He sold the account via the Telegram social media platform to M. Hasan, who allegedly used it to breach the crypto exchange, stealing and moving crypto from the company’s multisig account.
The hacker stole many altcoins, including 5.43T Shiba Inu, 15,298 ETH, 20.3M Matic, 640.27B Pepe, 5.79M USDT, 135M Gala, 78.5M Jasmy, and many others. He converted $PEPE, $GALA, and $USDT to $ETH on the day of the hack.
Liminal Custody Defiance
Further reports also revealed that Liminal Custody, a digital asset custody platform securing WazirX assets during the hack, failed to comply with the Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) division.
The agency claimed to have contacted Liminal a couple of times. However, the asset custodian did not provide the necessary information, raising suspicions and questions about the firm’s accountability.
Moreover, the IFSO seized about three laptops used by WazirX's authorized signatories to approve transactions. It has also obtained KYC details and transaction logs that will aid the investigation. It has not discovered any unauthorized penetration into WazirX’s system via any means.
WazirX’s Post-Hack Measures
Following WazirX’s $234 million loss in July, the exchange has taken several measures to recover the funds, resume operations, and refund affected clients. Notably, it has also regularly informed users of new investigation updates.
First, the exchange paused trading on its platform, stating that users’ funds were no longer fully backed after the hack. After that, it filed for a moratorium with the Singapore court and was granted four months to restructure liabilities.
Meanwhile, the exchange is set to restart trading, crypto staking, and over-the-counter (OTC) crypto transactions to speed up its recovery process. It plans to share generated trading fees with affected customers.