WazirX Files FIR Report, CoinDCX Establishes CIPF In Wake Of Attack

WazirX filed a First Information Report (FIR) with the Delhi Police, marking a crucial step toward addressing the breach it suffered in mid-July and recovering the stolen funds. The investigation is being handled by Dehli Police’s Intelligence Fusion & Strategic Operations (IFSO) unit.

📢 Important Update: FIR filed

Based on a complaint filed by us in connection with the Cyber attack on our multisig wallet, the police has taken cognizance of the matter and a FIR under BNS & IT Act has been registered on 5th August 2024 at PS Special Cell, PS Lodhi Colony, New… pic.twitter.com/umAkkEzv7E

— WazirX: India Ka Bitcoin Exchange (@WazirXIndia) August 6, 2024

Let’s unpack the cyberattack and how the market has responded.

What Happened With the Cyber Attack

On July 18, 2024, Indian cryptocurrency exchange WazirX experienced a significant security breach, resulting in the theft of approximately $234.9M. The stolen assets included Shiba Inu ($SHIB), Ether ($ETH), Matic ($MATIC), and Pepe ($PEPE).

The filing of the FIR received mixed reactions from the community. Many questioned why the filing had taken so long – over two weeks after the initial attack. Others acknowledged the complexity of the investigation process.

WazirX co-founder Nischal Shetty emphasized their commitment to transparency and recovery efforts.

What The Analysis Revealed

WazirX’s initial investigation revealed no evidence of compromise within their own infrastructure, suggesting that the breach likely originated from Liminal. There were conflicting reports from both parties; each pointed to the other as the source of the security lapse.

Liminal later published a report to support its own security measures, highlighting the extremely sophisticated nature of the exploit, which leveraged an externally created wallet. 

Adding to the complexity, some experts and blockchain analysis firms, such as Elliptic, have suggested that North Korean hackers may be behind the breach. 

The possibility of the involvement of a high-level state-affiliated team raises concerns over the future of cryptocurrency exchanges amid attacks that are growing more mature.

The Market Responded Quickly To Counter Any After Effects

Mature attacks provoke mature responses. $5.43B Shiba Inu ($SHIB) was stolen in the attack, and $SHIB holders promptly increased the burn rate by over 400% to counter any dumping of $SHIB tokens by the attacker.  

On the exchange side, CoinDCX, the leading Indian crypto exchange, created a $5.9M Crypto Investors Protection Fund (CIPF). The CPIF, entirely financed by CoinDCX, will safeguard its users’ assets in the event of similar security incidents. 

1/ 🚨 Announcing a new First for Indian Crypto Exchanges: CoinDCX’s INR 50 Crore Crypto Investors Protection Fund (CIPF)@smtgpt, @mri_gup, I, and the entire 500+ team at @CoinDCX work hard to provide the best investing and trading experience and also ensure everyone’s funds are… pic.twitter.com/kbcp1anX7J

— Neeraj Khandelwal (@neerajKh_) August 7, 2024

The CPIF aims to set higher security standards within the Indian crypto ecosystem while defending against increasingly sophisticated attacks.

Final Thoughts

Both the Indian crypto market and the broader crypto economy responded swiftly to the WazirX exploit. The FIR report indicates the ongoing efforts to identify the perpetrators of the attack and, if possible, retrieve the stolen assets. The reactions also indicate the growing maturity of the crypto market in the face of increasingly sophisticated cyber attacks.

References