India’s Web3 Association Bolsters Cybersecurity Efforts After $230 Million WazirX Hack

BTCC
A depiction of a cyberattack on a cryptocurrency exchange, representing the WazirX hack.
Bybit

India’s Web3 Association Bolsters Cybersecurity Efforts After $230 Million WazirX Hack

In response to the recent $230 million security breach on WazirX, the Bharat Web3 Association (BWA) is ramping up efforts to strengthen cybersecurity and enhance consumer protection within India’s crypto industry. Chaired by Dilip Chenoy, the BWA has established two internal groups dedicated to addressing these critical issues and investigating the recent security breach.

BWA Forms New Cybersecurity and Consumer Protection Teams in Response to WazirX Breach

According to local media, one of the groups will focus on cybersecurity. This team, comprising chief information security officers from member firms, will develop standard operating procedures and implement solutions aimed at preventing future breaches. The second group will address consumer protection, ensuring that guidelines are up-to-date and that user interests are safeguarded.

Chenoy highlighted that a thorough investigation into the breach is underway, with the BWA maintaining regular communication with the affected parties, WazirX and Liminal, to ensure a comprehensive examination of the incident.

“We have asked both [WazirX and Liminal] to do a complete forensic analysis and root cause analysis on the issue and evaluate the legal and remedial actions that can be taken post this incident.”

To ensure an impartial review, the BWA has suggested a third-party evaluation of the forensic report. This approach aims to provide an objective analysis of the breach, ensuring all aspects of the incident are thoroughly investigated.

Cybersecurity Group to Develop SOPs

The newly formed cybersecurity group will comprise chief information security officers (CISOs) from member firms. They will develop standard operating procedures (SOPs) and solutions to prevent future incidents similar to the WazirX breach.

okex

Traditionally, the BWA has focused on regulatory compliance, including registering with the Financial Intelligence Unit and implementing anti-money laundering measures. However, this recent incident has highlighted the need to place greater emphasis on cybersecurity.

The association, which includes major players such as Coinbase, Polygon, CoinSwitch, Liminal, Biconomy, Tax Nodes, Giottus, and Hike, will now also involve WazirX’s local rival, CoinDCX in its newly established groups. These teams will review and update existing consumer protection guidelines and address the current cybersecurity challenges.

WazirX Loses $230M in Hack Linked to North Korea’s Lazarus Group, Temporarily Suspends Services

India’s largest cryptocurrency exchange, WazirX, lost 45% of its holding assets on July 18 after one of its multisig wallets was hacked. North Korea’s Lazarus Group allegedly conducted the attack in a state-sponsored cyberattack. Multisig wallets require two or more private keys to unlock and withdraw funds, making the breach particularly concerning.

Chenoy noted,

“We have advised our members to be extra vigilant around cybersecurity. We have agreed on having independent discussions with cyber experts as well as within our ecosystem to strengthen the industry from threats.”

Notably, the exchange is also cooperating with various government agencies.

WazirX’s founder and CEO, Nischal Shetty, announced that the exchange has submitted its records to CERT-In and is in ongoing contact with the FIU and regulators. Shetty emphasized that the government agencies understand WazirX was a victim of a planned hack.

The stolen assets, valued at $230 million, included $102 million in Shiba Inu, $52.5 million in Ethereum, $11.24 million in Matic, $7.6 million in Pepe coin, $135 million in Tether, and $3.5 million in Gala, according to Lookonchain.

In response, WazirX has temporarily suspended withdrawals and trading. On July 27, it proposed a recovery plan allowing customers to access and trade 55% of their portfolio tokens, with the remaining 45% converted to USDT and locked. This proposal is open for customer voting until August 3.

Ledger