- Wazirx announced a $23M bounty program to recover stolen assets
- Assets stolen due to cyberattack cost over $230M
- A request to block them has been sent to more than 500 exchanges
- The bounty program is divided into “Track & Freeze” and “White Hat Recovery”
- The bounty program is active for 3 months, possible with prolonging if needed
We are witnessing another multi-million dollar hack in the crypto industry, namely the $230M hack of the Indian cryptocurrency exchange Wazirx.
However, it’s worth noting that Wazirx actively responded, contacted exchanges and law enforcement, and announced a $23M bounty program.
How Did the Wazirx Hack Happen?
On July 18, 2024, WazirX was hacked, specifically the WazirX Safe Multisig wallet on the Ethereum network.
The hack occurred through three compromised WazirX devices:
First, the attacker modified the transaction payload and obtained the necessary signatures.
After using this, he created a malicious transaction that was eventually rejected due to an invalid signature, but not before the attacker obtained the necessary authorizations.
The final malicious transaction approved the fake transaction, resulting in an unauthorized transfer of funds.
Liminal, the company that provides WazirX services, also commented that the entire infrastructure has not been compromised and that the rest of the wallets are safe.
What Measures Has Wazirx Taken?
First of all, WazirX contacted law enforcement agencies to record the crime and also asked 500 crypto exchanges to block the identified addresses.
After that, WazirX announced a bounty program, the size of which fluctuated but eventually came to $23M.
The bounty program will be divided into two types, namely:
- Track & Freeze offers rewards for quick information.
- White Hat Recovery offers rewards for ethical hacking.
This bounty program will run for 3 months, but WazirX has indicated its intention to extend it if it proves fruitful and requires more time.