- Delhi Police arrested SK Masud Alam for his role in the WazirX cyberattack case.
- A fraudulent account enabled a major breach on WazirX, targeting its hot wallet.
- Liminal Custody faced scrutiny for alleged non-cooperation in the WazirX investigation.
The Delhi Police recently apprehended SK Masud Alam, a resident of East Midnapore, West Bengal, in connection with a massive cyberattack that shook the cryptocurrency exchange WazirX. Authorities have pointed to Alam as a key suspect behind the sophisticated breach, which compromised the platform’s security and put millions of dollars in digital assets at risk.
The attacker stole digital assets worth ₹2,000 crore ($237 million), making it one of the largest crypto heists. According to investigators, Alam was enlisted in organizing the leak, one of the biggest security disasters the platform has ever faced.
Fake Account Enabled the Breach
The Intelligence Fusion and Strategic Operations (IFSO) division uncovered that Alam created a fraudulent account on WazirX. This account, under the alias Souvik Mondal, was later sold on Telegram. It was purchased by an individual identified as M Hasan.
According to police, Hasan allegedly used this account to exploit WazirX’s hot wallet, gaining unauthorized access to funds. The attackers even attempted to breach the platform’s cold wallet, though their efforts were thwarted. This incident has sparked serious concerns about WazirX’s verification processes and overall security measures.
Network of Cybercriminals Suspected
Authorities suspect that Alam is part of a wider network of cybercriminals. Investigations are ongoing to uncover more links and identify other possible collaborators. In the process, police seized three laptops belonging to WazirX’s authorized signatories.
These laptops were used for multi-signature wallet transactions. The devices are now being analyzed to determine how the attackers gained access. Investigators are also examining digital trails for signs of insider involvement.
Non-Compliance Allegations
The investigation was reportedly delayed due to alleged non-compliance by Liminal Custody. This is the firm responsible for safeguarding WazirX’s wallets. Despite repeated notices, police said Liminal Custody failed to give them crucial information.
These instances have raised concerns about the firm’s security and transparency. The authorities will address these concerns in a supplementary charge sheet outlining the need for tighter industry regulations.
WazirX Assists Authorities
WazirX cooperated fully with the investigation. The exchange handed over KYC data and transaction logs for the stolen assets to help trace them. Police found no evidence of unauthorized system access, but the attack appears to have been enabled by compromised accounts. The case highlights the constant risks in the crypto industry and underscores the importance of protective measures on every such digital platform.