Following a massive $230 million hack, cryptocurrency exchange WazirX has filed a police complaint and engaged with the Indian Computer Emergency Response Team (CERT-In). The company reported the incident on X, seeking assistance from India’s top cybersecurity agency to address the breach.
Rapid Response Actions
In response to the security breach that resulted in significant withdrawals, WazirX has outlined several immediate actions:
- Tracing Stolen Funds: The exchange is actively working to track down the stolen assets.
- Recovering Customer Assets: Efforts are underway to recover the assets lost by customers.
- In-Depth Cyber Attack Analysis: A comprehensive analysis of the cyber attack is being conducted to understand the breach and prevent future incidents.
Expert and Exchange Collaboration
WazirX has noted that multiple exchanges are cooperating with them. They are also collaborating with forensic experts and law enforcement agencies to identify and apprehend the perpetrators. Engaging with CERT-In marks a crucial step, given the agency’s specialization in computer security incidents in India.
Filing a First Information Report (FIR)
According to a source familiar with the matter, the next step for WazirX involves filing a First Information Report (FIR). In India, the police prepare an FIR if an official investigation is deemed necessary after a complaint is filed. This could lead to further scrutiny of WazirX’s operational practices, including their accounting, operating systems, and security protocols.
Regulatory and Legal Landscape
India’s Finance Ministry has declined to comment on the incident. Due to the lack of specific cryptocurrency regulations, the sector remains largely outside the jurisdiction of most authorities, except for the Financial Intelligence Unit (FIU-India). Although WazirX is registered with FIU-India, which monitors transactions under the Prevention of Money Laundering Act (PMLA), this incident does not fall under FIU’s mandate as it concerns a security breach.
Calls for Regulatory Clarity
Joanna Cheng, Associate General Counsel at Fireblocks, emphasized the necessity for clear regulatory expectations regarding security standards, risk management, and consumer protection. She stated that regulatory intervention would ensure accountability for exchanges servicing large numbers of retail customers.
Support from the Crypto Community
Sumit Gupta, co-founder of CoinDCX, another major Indian cryptocurrency exchange, expressed support for WazirX and its affected customers. He mentioned that CoinDCX has reached out to WazirX to offer assistance and is open to suggestions on how they can help.
India’s crypto advocacy body, the Bharat Web3 Association, did not immediately respond to requests for comments.
The $230 million hack of WazirX highlights the critical need for robust security measures and clear regulatory guidelines within the cryptocurrency sector. As WazirX works with various stakeholders to address the breach and recover lost assets, the incident underscores the importance of industry-wide cooperation and regulatory clarity to protect consumers and enhance the security of digital assets.