Thursday, November 21

WazirX co-founder preps bounty program to recover stolen funds

WazirX co-founder Nischal Shetty has announced a bounty program to help the exchange recover or freeze funds stolen in the exchange’s recent hack.

As reported earlier this week by crypto.news, the exploit saw losses amounting to more than $234 million in several cryptocurrencies. 

WazirX Team is actively working on next steps.

1. We’re preparing a bounty program to help us freeze/recover the stolen assets
2. Further discussions on continuous tracing of fund movements, we’re in touch with a few teams that claim to be experts at this.
3. We’ve informed all…

— Nischal (Shardeum) 🔼 (@NischalShetty) July 20, 2024

According to an X post from Shetty, the bounty program was launched earlier today. WazirX had initially proposed a $11.5m total bounty for recovering the assets, but the co-founder later said it was updated to $23m after the intercession of crypto security sleuth ZachXBT. 

Shetty said the bounty program was a way for the exchange to get assistance from the crypto community in its quest to recover the money stolen in the July 18 cyberattack.

According to WazirX’s official blog, the program consists of two initiatives. The first is a track and freeze bounty, aimed at helping locate and freeze the stolen assets. The second is a white hat recovery bounty, offering a reward of 10% of the recovered amount to those who assist in retrieving the funds.

The exchange has publicly shared an ERC20 wallet address for the return of the stolen funds as can be seen below. 

WazirX co-founder preps bounty program to recover stolen funds - 1
Source: WazirX

The crypto community on X has raised concerns over how “sluggish” measures taken to recover the funds have been, with some speculating on how the hack happened. Plenty of guesses have leaned towards the Lazarus Group’s involvement. 

$10M bounty means nothing if it is indeed Lazarus Group as they are not going to just hand over the funds or be located and held legally accountable.

5% is lower than 10%+ industry standard

— ZachXBT (@zachxbt) July 21, 2024

Although the exchange is optimistic some of the funds can be recovered, blockchain analytics firm Arkham confirmed the hacker sold $102m worth of SHIB, which was part of the funds stolen. 

Speculation on WazirX exploit method

An X user gave a breakdown on how the hack might have happened, insinuating that Shetty and the security team at WazirX were “sleeping while all these happened.” 

Allow me to elaborate this WazirX Hack.

1. Attacker changed the contract which defines how the transactions are carried out. ( how the hell your key holders upgrade without cross checking the file)

2. When your key holder 1 signed first USDT transaction ,the attacker got 1st…

— Engineer Xplains (@engineer_inside) July 21, 2024

The X user believes the hacker modified the contract defining transaction procedures without detection. It’s reported that the attacker then captured signatures from three separate keyholders during failed transactions.

These signatures were subsequently used to create a test transaction that met Laminal’s approval criteria, paving the way for larger unauthorized transfers.

Shetty disagreed with the allegations, insisting Liminal’s security measures verify transaction correctness and checks for whitelisted addresses before signing. Furthermore, he went on to say Liminal only signs transactions initiated within its own system, not external ones, regardless of other signatures. 

WazirX co-founder said the exchange is now awaiting Liminal’s detailed report on the incident, as well as forensic analysis of the three WazirX devices involved.

Share.