Bharat has witnessed its largest cryptocurrency theft to date, involving an estimated ₹2,000 crore ($230 million). The theft, which targeted a wallet associated with the WazirX exchange last month, has led to widespread financial loss and a complex investigation involving multiple agencies.
The WazirX exchange reported the theft to key authorities, including the central cybercrime portal, the Financial Intelligence Unit, and the Indian Computer Emergency Response Team. A police case was filed in Delhi, marking the beginning of a detailed probe into the heist.
Digital forensics firms, Pelorus Technology and Crystal Intelligence, have been instrumental in analysing the theft. Crystal Intelligence, specialising in blockchain forensics, traced the compromised wallet and uncovered around 200 transactions on July 18, revealing that the plan had been in the works since July 10.
According to Sanjeev Shahi, Country Manager at Crystal Intelligence, the thief initially used the compromised wallet to transfer $230 million into various cryptocurrencies. They employed Tornado Cash, a mixing service akin to a hawala system, to obscure their identity and facilitate the transaction.
The stolen funds were swiftly converted into other cryptocurrencies and distributed across multiple wallets linked to different exchanges. Approximately 95 per cent of the stolen amount was stored in three wallets that are not currently connected to any exchanges.
Despite the funds being on the blockchain, they remain inaccessible for direct use. The thief would need to convert these cryptocurrencies into fiat currency, which would reveal their identity through financial institutions.
Currently, 61,000 Ethereum, valued at over ₹2 lakh each, are held in three of these wallets. Pelorus Technologies and Crystal Intelligence are monitoring these accounts closely. Kaushal Bheda, Director at Pelorus Technologies, asserted that while the thief’s identity remains unknown, the ongoing surveillance aims to uncover any further movements of the funds.
With cryptocurrencies operating outside traditional banking mechanisms and lacking regulatory oversight from the Reserve Bank of India or RBI, tracking and recovering stolen assets remains a significant challenge. The RBI has previously expressed concerns about the accountability and regulation of the crypto ecosystem.
