WazirX offers $23M bounty to recover $230M in stolen crypto
Mumbai-based cryptocurrency exchange, WazirX, has launched a bounty program offering $23 million (approximately ₹192 crore) to recover the $230 million (roughly ₹1,964 crore) lost in a wallet breach last week. The breach compromised the exchange's multisig Ethereum wallet, resulting in significant losses and forcing India's largest crypto exchange to halt withdrawls and suspend trading. The company has invited white hat hackers, blockchain forensics experts, and cybersecurity professionals from around the world to join the recovery mission.
WazirX bounty program: Details and initiatives
WazirX's bounty program is divided into two main initiatives: "Track & Freeze" and "White Hat Recovery." The former offers rewards of up to $10,000 in USDT for information leading to the freezing of stolen assets. The latter promises ethical hackers a 10% reward of the recovered amount. This could potentially amount to $23M, making it one of the largest bounties ever offered in the crypto industry. The program will be active for three months, with potential adjustments based on progress.
How to participate in the bounty program
As per WazirX, interested individuals should email bounty@wazirx.com with their intent to participate in the bounty program along with their contact details. Detailed submissions must include addresses, transactions, and methodologies used for tracking and recovery of the stolen funds.
WazirX's commitment to recover stolen funds
Despite the challenges, WazirX remains committed to recovering the stolen funds. "Our foremost goal is to recover the stolen funds," said the crypto exchange's co-founder Nischal Shetty. The company alleged that the affected wallet was managed using Liminal's digital asset custody and wallet infrastructure. However, Liminal countered this claim, stating that their investigations revealed the hack originated from three compromised devices at WazirX's end.
Challenges in recovering stolen cryptocurrency assets
Recovering the stolen assets presents a significant challenge due to the high degree of anonymity and irreversible nature of blockchain transactions. The attackers swiftly converted the stolen assets into Ethereum and other cryptocurrencies, dispersing them across various addresses. Privacy tools like Tornado Cash further complicate tracking efforts by mixing transactions, making it incredibly challenging to trace the flow of funds.
