Exactly four months after the Rs 2000 crore hack of the WazirX exchange, the Delhi Police will be submitting a chargesheet to the Delhi High Court, listing their investigation into the hack. On Wednesday, the Special Cell of Delhi Police arrested a man from West Bengal India in connection with the WazirX hack and made the first breakthrough in the case.
The Crypto Times has viewed the contents of the chargesheet and found that Delhi Police has not given a clean chit to either WazirX exchange management or Liminal Custody, the third-party security firm that had the custody of the cold, multi-signature wallet.
Delhi Police recently arrested SK Masud Alam, a resident of West Bengal, in connection with the cyberattack, claiming that he created a fake account on WazirX to facilitate the hack. According to the police, Alam allegedly set up this account under the alias “Souvik Mondal” and then sold it via Telegram to another individual named M Hasan, who, according to the chargesheet, used it to carry out the hack. Alam might have served as a mule for the hackers but investigating officers believe he can serve as a crucial link to reach the real culprits.
But the road to clarity remains fraught with complications. Despite a thorough investigation, there is no definitive conclusion on whether WazirX or its partners, like Liminal Custody, were complicit in the attack. The chargesheet filed by Delhi Police makes it clear: WazirX has not been given a clean chit, and neither has Liminal Custody, the digital asset custody firm responsible for securing the platform’s wallets.
The chargesheet acknowledges WazirX’s cooperation in the investigation, noting that the exchange has provided necessary data, including KYC details and transaction logs. However, WazirX is not yet off the hook. Forensic analysis of three laptops used by WazirX’s authorized signatories is still pending, as investigators explore potential misuse of multi-signature wallets, which require multiple approvals for high-value transactions.
Similarly, Delhi Police is yet to receive data and transaction logs of July 18 from Liminal Custody, the erstwhile security partner of WazirX.
The hack itself has been marked by sophisticated tactics, hinting at the potential use of Trojan Horse-like strategies. This raises an intriguing question about the security framework employed by both WazirX and Liminal.
Were there exploitable weaknesses in their systems that allowed for the breach of a supposedly secure hot wallet? And with the cold wallet reportedly targeted as well, does this suggest gaps in the presumed security of offline storage?
Initial examinations showed no direct evidence of interference, but with forensic analysis still incomplete, WazirX’s ultimate involvement—or lack thereof—remains an open question.
Liminal Custody’s role in the hack has raised more than a few eyebrows. The chargesheet states that Liminal failed to provide essential data and logs in response to Delhi Police’s requests made on October 1.
However, it’s crucial to note that the chargesheet does not accuse Liminal of non-cooperation. The company has been labeled as compliant and cooperative, but its inability to deliver key information is a concern that will be addressed in a supplementary chargesheet.
