Indian cryptocurrency exchange WazirX has unveiled a significant bounty program, offering up to $23 million for the recovery of assets stolen in a recent cyberattack. 

The attack, which targeted one of the exchange’s multisig wallets, resulted in a substantial loss OF $234 million. Initially, WazirX offered a reward of $10,000 in USDT for actionable intelligence that could lead to freezing the stolen funds, along with a 5% reward on recovered amounts. However, this offer faced criticism for being too modest.

In response to feedback, WazirX increased the bounty significantly. The latest update offers up to $23 million for the successful recovery of the stolen assets. This reward is intended to incentivize white hat hackers and security experts to assist in tracing and recovering the stolen funds. 

The program will run for three months, with the possibility of extension based on the progress and requirements of the recovery efforts.

Background of the Incident

The security breach occurred on July 18, leading to a significant outflow of funds from one of WazirX’s multisig wallets. The company confirmed the breach and temporarily halted all withdrawals to mitigate further losses. Co-founder Nischal Shetty clarified that the hack was not due to phishing but involved complex multi-signature processes.

Shetty explained that three WazirX team members, each using separate hardware wallets, signed the transactions. Despite their physical separation and secure bookmarks, the attack involved a final signature from Liminal, WazirX's custody provider. 

Shetty emphasized that no hardware keys from the WazirX team were compromised and that Liminal’s signing process is under detailed investigation.

Ongoing Investigations and Actions

WazirX is collaborating with forensic experts to conduct a thorough audit of the compromised devices and the signing process. This investigation aims to determine whether any of the WazirX devices were compromised or if the attack exploited weaknesses in the Liminal system.

The forensic analysis will help clarify how the malicious payload was signed and provide insights into the attack’s execution. Shetty assured that the WazirX team is working tirelessly to resolve the issue and rebuild trust within the community.