Delhi Police Arrests Bengal Man in ₹2000 Cr WazirX hack

In a major breakthrough, Delhi Police have arrested SK Masud Alam from West Bengal in connection with the cyberattack on cryptocurrency exchange WazirX, which resulted in the theft of digital assets worth ₹2,000 crore. 

Alam allegedly set up a fake account to facilitate the attack, which targeted WazirX’s hot wallet and attempted to breach its cold wallet. The attack was one of the largest breaches in the crypto sector, drawing widespread attention to security vulnerabilities within digital asset exchanges.

Alam, a resident of East Midnapore in West Bengal, was apprehended by Delhi Police’s Special Cell following an investigation led by the Intelligence Fusion and Strategic Operations (IFSO) division.

According to the chargesheet, Alam created a WazirX account under the name Souvik Mondal, which he later sold via Telegram to an individual named M Hasan. This account was then used to carry out the cyberattack. The authorities continue to probe Alam’s connections, believing that this may be part of a larger network of cybercriminals.

The chargesheet also highlights the alleged non-cooperation of Liminal Custody, a digital asset custody firm responsible for securing WazirX’s wallets. Despite multiple notices issued by the Delhi Police, Liminal Custody reportedly failed to provide crucial information needed for the investigation, raising concerns about its security practices. 

This lack of cooperation has further complicated efforts to trace the full scope of the cyberattack, with police noting that Liminal’s role will be addressed in a supplementary chargesheet.

During the investigation, the Delhi Police seized three laptops from WazirX that authorized signatories used for approving transactions via multi-sig wallets. The authorities also confirmed that WazirX has fully cooperated with the investigation, providing vital data such as KYC details and transaction logs to help track the stolen funds.

The police noted no evidence of unauthorized access to WazirX’s systems, either locally or remotely, suggesting that the breach was an inside job facilitated by the compromised accounts.

As the investigation progresses, Liminal Custody’s lack of cooperation remains a key concern, potentially hindering efforts to trace the culprits behind the crypto heist. Authorities are working to identify other individuals involved and uncover the full extent of the cyberattack.