WazirX’s plan includes tracing stolen funds, recovering assets, and thorough investigation post-hack, after roping in forensic experts.
In response to the devastating $230 million security breach, WazirX revealed that it has filed a formal police complaint and is exploring additional legal avenues to hold those responsible accountable.
Immediate actions include reporting the incident to the Financial Intelligence Unit (FIU) and the Indian Computer Emergency Response Team (CERT-In).
WazirX’s Comprehensive Action Plan
In the latest update, the Indian crypto exchange also said that it has reached out to over 500 exchanges to block the compromised addresses. Many of them are cooperating, and WazirX is now leveraging their support to speed up recovery efforts.
The company’s plan of action focuses on tracing the stolen funds, recovering customer assets, and performing a thorough investigation into the attack. Collaboration with forensic experts and law enforcement is underway to identify and apprehend the culprits behind this massive breach.
However, the recovery of user funds remains doubtful as more than 45% of WazirX’s reported reserves as of June 2024 have been stolen.
According to blockchain analytics firm Elliptic, the attack exhibited traits typical of North Korean threat actors, who have exchanged the stolen assets for Ether using decentralized services. This view was further backed by popular crypto researcher ZachXBT on X, who speculated that the hack could be linked to the Lazarus Group again.
Regulatory Clarity Needed to Protect Retail Investors
WazirX is noted for being one of the few exchanges registered with the Financial Intelligence Unit (FIU) in India, which allows it to offer crypto trading services despite the country’s tough regulations. The high-profile hack comes at a time when there’s an increased debate on the legality of crypto assets in the country.
Currently, India lacks a dedicated crypto regulation, and Joanna Cheng, Associate General Counsel at Fireblocks, said that the industry would benefit from clear regulatory expectations on issues like security standards, risk management, and consumer protection.
In a statement, Cheng further added that regulatory intervention in this space would also mean that exchanges that service large numbers of retail customers are held accountable for their actions or inaction.
“We believe that this incident highlights the importance of regulatory clarity and oversight, in order to establish a base level of accountability and investor protection, especially when retail investors are involved.”