WazirX hackers were preparing 8 days before the $235M theft

The hackers behind the $235 million WazirX crypto exchange breach began preparing onchain at least eight days prior, according to Polygon Labss security chief.

WazirX, one of Indias largest cryptocurrency exchanges, lost hundreds of millions to a multisig wallet hack on Thursday, July 18, which is being blamed on North Korean hacking organization Lazarus Group. 

Mudit Gupta, the Chief Information Security Officer of Polygon Labs, suggests the hackers had started practicing the hack onchain more than a week prior to executing the attack. 

It started with hackers upgrading the multisig to a malicious version that would later allow them to drain it, Gupta explained in a July 18 post on X. 

Tarun Mangukiya, the co-founder of payment platform Copperx, believes the hackers may have tricked WazirX into upgrading its Safe Implementation Skeleton.

Why did they upgrade it instead of just draining? Gupta asked rhetorically.

Draining takes time and multiple transaction. They likely didnt have access to all the required private keys and were dependent on signature phishing which they cant do multiple times without getting caught.”

In a follow-up post on X, WazirX has described the attack as a force majeure event beyond our control.

We have already blocked a few deposits and reached out to concerned wallets for recovery, it added.

The exchange announced a temporary withdrawal freeze soon after the hack.

Indias crypto sector holds breath for tax relief

Elsewhere in India, the cryptocurrency industry is eagerly hoping for relief from the countrys stringent crypto tax regulations, with India Finance Minister Nirmala Sitharaman set to present the Union Budget for the next fiscal year on July 23. 

Since 2022, India has slapped one of the worlds most severe tax regimes on cryptocurrency, with a flat 30% capital gains tax on profits from digital assets, including non-fungible tokens (NFTs). 

In addition, a 1% tax deducted at source (TDS) is levied on crypto transactions.

Indias crypto sector has been advocating a reduction in the TDS rate to 0.01% in the forthcoming budget. 

Sumit Gupta, CEO of CoinDCX, an exchange involved in pre-budget consultations, says this adjustment is seen as crucial to recapturing business that has shifted to offshore exchanges due to current heavy taxation.

We have also requested for a reduction in TDS rate from 1% to 0.01%, Gupta said in a statement shared with Magazine.

We have also requested for a reduction in capital gains tax rate from 30% to the actual [income bracket] of the assessee.

Since the introduction of these tax measures in Sitharamans 2022 Budget speech, Indian crypto exchanges have seen a drastic decline, with trading volumes plummeting by 97% and active users decreasing by 81%, according to a recent report by The National Academy of Legal Studies and Research (NASLAR).

NASLARs research found that the national treasury is losing approximately $700 million (59 billion Indian rupees) in tax revenue due to diminished activity on Indias leading exchanges. 

The study suggests that reducing the TDS rate to 0.01% could potentially double the nations tax revenue in the upcoming fiscal year.

So far, India has had a hot and cold relationship with cryptocurrency while maintaining a positive outlook toward the potential of blockchain technology.

The industrys growth hit a wall in 2018 when the Reserve Bank of India, the central bank, prohibited financial institutions from servicing crypto businesses a ban that was overturned by the Supreme Court in 2020. 

More arrests in Hong Kong over fake cash for USDT scam

Hong Kong authorities have arrested three more suspects for allegedly selling counterfeit banknotes in exchange for stablecoin Tether (USDT).

Local media reported on July 15 that a 44-year-old businessman was deceived into transferring $399,000 (3.11 million Hong Kong dollars) in USDT.

The businessman then received three bundles of 1,000 Hong Kong dollar notes, with the counterfeit notes sandwiched by genuine bills. 

Suspects met with the victim in a hotel in the major shopping district of Tsim Sha Tsui before being taking him to finalize the deal at Mong Kok district, which is about a 10-minute drive away.

Police have detained three suspects, a woman and two men, on suspicion of obtaining property by deception and possession of counterfeit banknotes. If convicted, they could face sentences ranging from 10 to 14 years in prison.

This case bears a striking resemblance to an incident in April 2024 when a victim was scammed for $128,000 (1 million Hong Kong dollars).

The case involved hell notes, which are unofficial paper money burned during traditional ancestral worship ceremonies. These notes represent offerings to ancestors in the afterlife.

Read also

Features

US enforcement agencies are turning up the heat on crypto-related crime

Features Are You Independent Yet? Financial Self-Sovereignty and the Decentralized Exchange

A 35-year-old man was shown stacks of these hell notes in exchange for USDT in a Tsim Sha Tsui shop. However, the alleged scammers refused to hand over the notes and disappeared.

Local media reported in May (a month after the victims police report) that three suspects were arrested and 3,000 hell notes were confiscated.

According to local media, counterfeit fiat scams are on the rise in the city. From January to April 2024, the police busted $326,130 worth of fake notes.

Insider crypto trading in South Korea can now land you life in prison

South Koreas cryptocurrency investor protection law will officially come into force on Friday, July 19.

The Act on the Protection of Virtual Asset Users, enacted on July 18, 2023, aims to safeguard crypto investors assets and prohibit unfair trading practices.

The legislation mandates that users deposits be segregated from company funds and held by a regulated financial institution. To further protect users assets, the law requires that a large chunk of these assets 80% or more of their economic value be stored offline, such as in cold wallets.

Crypto businesses are also required to take measures to cover potential liabilities arising from hacking or system failures. These measures include obtaining insurance or setting aside reserves which must cover at least 5% of the economic value of assets not stored offline.

The law prohibits activities such as using undisclosed information for trading (insider trading), market manipulation, and fraud. Violations can result in severe penalties, including criminal charges and fines.

Criminal penalties may include imprisonment for at least one year, with fines ranging from three to five times the amount of illegal gains. If the illegal gains exceed $3.6 million (5 billion Korean won), the maximum penalty can be life imprisonment, along with fines amounting to twice the illegal gains.

Read also

Features Crypto as a ‘public good’ in the 22nd century

Features MakerDAOs plan to bring back DeFi summer Rune Christensen

Hackers send stolen crypto to marketplace with ties to Cambodia PMs family

North Koreas Lazarus Group is suspected of laundering at least $35 million in USDT on Tron so far this month through the online Cambodian marketplace Huione Guarantee.

Blockchain detective ZachXBT linked these laundered funds to the $305 million worth of Bitcoin stolen from DMM, a Japanese cryptocurrency exchange that suffered the years most significant breach in late May.

According to ZachXBT, offchain indicators and laundering techniques suggest that the Lazarus Group is the prime suspect in the DMM hack.

Huione Guarantee is a multibillion-dollar marketplace owned by the Huione Group, which also operates the foreign exchange business Huione Pay.

An investigation by blockchain forensics firm Elliptic alleges that Hun To, a cousin of Cambodian Prime Minister Hun Manet, is one of the directors of Huione Pay.

Hun To was reportedly suspected of money laundering and drug trafficking by Australian authorities over a decade ago. Hun To has denied the allegations.

In a separate report on July 15, Reuters found that Huione Pay received approximately $150,000 from North Korean hackers. 

Reuters-cited blockchain analysts claiming that Huione Pay received funds from an anonymous digital wallet used by Lazarus to deposit stolen assets from three different crypto firms.

Subscribe

The most engaging reads in blockchain. Delivered once a week.

Email address

SUBSCRIBE