#Fact Check: Old Photo Misused to Claim Israeli Helicopter Downed in Lebanon!

Overview:

WazirX is the platform for cryptocurrencies, based in India that has been hacked, and it made a loss of more than $230 million in cryptocurrency. This case concerned an unauthorized transaction with a multisignature or multisig, wallet controlled through Liminal’a digital asset management platform. These attacking incidents have thereafter raised more questions on the security of the Cryptocurrency exchanges and efficiency of the existing policies and laws.

Wallet Configuration and Security Measures

This wallet was breached and had a multisig setting meaning that more than one signature was needed to authorize a transaction. Specifically, it had six signatories: five are funded by WazirX and one is funded by Liminal. Every transaction needed the approval of at least three signatories of WazirX, all of whom had addressed security concerns by using Ledger’s hardware wallets; while the Liminal, too, had a signatory, for approval.

To further increase the level of security of the transactions, a whitelisting policy was introduced, only limited addresses were authorized to receive funds. This system was rather vulnerable, and the attackers managed to grasp the discrepancy between the information available through Liminal’s interface and the content of the transaction to seize unauthorized control over the wallet and implement the theft.

Modus Operandi: Attack Mechanics

The cyber attack appears to have been carefully carried out, with preliminary investigations suggesting the following tactics: 

• Payload Manipulation: The attackers apparently substituted the transaction’s payload during signing; hence, they can reroute the collected funds into an unrelated wallet. 

• Chain Hopping: To make it much harder to track their movements, the attackers split large amounts of money across multiple blockchains and broke tens of thousands of dollars into thousands of transactions involving different cryptocurrencies. This technique makes it difficult to trace people and things. 

• Zero Balance Transactions: There were also some instances where it ended up with no Ethereum (ETH) in the balance and such wallets also in use for the purpose of further anonymization of the transactions.

• Analysis of the blockchain data suggested the enemy might have been making the preparations for this attack for several days prior to their attack and involved a high amount of planning. 

Actions taken by WazirX:

Following the attack, WazirX implemented a series of immediate actions:

• User Notifications: The users were immediately notified of the occurrence of the breach and the possible risk it posed to them. 

• Law Enforcement Engagement: The matters were reported to the National Cyber Crime Reporting Portal and specific authorities of which the Financial Intelligence Unit (FIU) and the Computer Emergency Response Team (CERT-In). 

• Service Suspension: WazirX had suspended all its trading operations and user deposits’ and withdrawals’ to minimize further cases and investigate. 

• Global Outreach: The exchange contacted more than 500 cryptocurrency exchanges and requested to blacklist the wallet’s addresses linked to the theft. 

• Bounty Program: A bounty program was announced to encourage people to share information that can enable the authorities to retrieve the stolen money. A maximum of 23 million dollars was placed on the bounty. 

Further  Investigations 

WazirX stated that it has contracted the services of cybersecurity professionals to help in the prosecution process of identifying and compensating for the losses. The exchange is still investigating the forensic data and working with the police for tracking the stolen assets. Nevertheless, the prospects of full recovery may be quite questionable primarily because of complexity of the attack and the methods used by the attackers. 

Precautionary measures: 

 The WazirX cyber attack clearly implies that there is the necessity to improve the security and the regulation of the cryptocurrency industry. As exchanges become increasingly targeted by hackers, there is a pressing need for: 

• Stricter Security Protocols: The commitment to technical innovations, such as integration of MFA, as well as constant monitoring of the users’ wallets’ activities. 

• Regulatory Oversight: Formalization of the laws that require proper security for the cryptocurrency exchange platforms to safeguard their users as well as their investments. 

• Community Awareness: To bypass such predicaments, there is a need to study on emergent techniques in spreading awareness, particularly in cases of scams or phishing attempts that are likely to follow such breaches. 

Conclusion:

The cyber attack on WazirX in the field of cryptocurrency market, shows weaknesses and provides valuable lessons for enhancing the security.  This attack highlights critical vulnerabilities in cryptocurrency exchanges, even though employing advanced security measures like multisignature wallets and whitelisting policies. The attack's complexity, involving payload manipulation, chain hopping, and zero balance transactions, underscores the attackers' meticulous planning and the challenges in tracing stolen assets. This case brings a strong message regarding the necessity of solid security measures, and constant attention to security in the rapidly growing world of digital assets. Furthermore, the incident highlights the importance of community awareness and education on emerging threats like scams and phishing attempts, which usually follow such breaches. By fostering a culture of vigilance and knowledge, the cryptocurrency community can better defend against future attacks.

Reference:

https://wazirx.com/blog/important-update-cyber-attack-incident-and-measures-to-protect-your-assets/

https://www.moneycontrol.com/news/opinion/the-230-million-crypto-theft-at-wazirx-is-a-wake-up-call-for-indian-regulators-government-12772563.html

https://www.linkedin.com/pulse/wazirx-cyberattack-in-depth-analysis-jyqxf

‍

Introduction:

The Indian Ministry of Communications has come up with a feature known as "Quick SMS Header Information" to provide citizens with more control over their messaging services. This feature would help users access crucial information about the sender through text message, therefore making the details readily available at their fingertips.

The Quick SMS Header service is the key to providing users with the feature to ensure that they are receiving messages from the correct source. Users can instantly learn all the necessary data about the sender of a certain SMS. This data is invaluable for making the distinction between real messages and suspicious spam or phishing, so the user can have a higher level of defense against online threats and scam activities.

Importance of Checking the Header:

1. Authenticity Verification: SMS header data represents another way to confirm the sender. This feature keeps the end user from wrongly assuming that the SMS is from a trusted source or an unknown sender. Hence, the end user is able to make a choice about the authenticity of the message.

2. Mitigating Spam and Phishing: The rise of SMS and phishing scams has created some significant hurdles for users in the process of differentiating between real and fake messages. Through the Quick SMS Header Information service, people will be able to look up any suspicious messages in order to be able to take appropriate steps to prevent links that lead to malicious websites or requests for personal information.

3. Enhancing User Security: The SMS header information plays an important role in ensuring that the user is secure and has no privacy issues.  The checking of the message headers will help us limit the possibilities of bad activities and reduce the chances of being a victim of cybercriminals.

4. Empowering Consumer Awareness: This feature is designed to encourage the people involved  to take responsibility for the security of their devices and establish a safer and more dependable digital platform.

Benefits:

• Enhanced Transparency: By giving access to the header information to the users, it is transparency that is promoted within the telecommunications ecosystem.
• Empowered Decision-Making: Now that users have information about the SMS header, they can make informed decisions regarding their communications and privacy.
• Efficient Resolution of Concerns: The Quick SMS Header Information serves the purpose of providing the needed resolution by telling us the message’s origin in cases where users come across any suspicious messages.
• User-Friendly Interface: With its easy and clear process, this feature caters to users of all technical proficiency levels, ensuring accessibility for all.

Working:

1. Compose Your SMS: Write a message with the header you wish to find the information about. For example, if you want to know details about a header labeled "SBIINB," your SMS should be in the format "DETAILS OF SBIINB." Note, all letters are in capital only.

2. Send it to 1909: Once your message is ready, send it to: 1909. Please note, this may charge you depending upon your current plan. 

3. Receive Response: The response to your SMS will be sent to you by the concerned telecommunication service provider or directly by 1909, a few seconds after you have sent your message. This response will have the data associated with the header above.

Another method to find SMS header information:

TRAI (Telecom Regulatory Authority of India) has made a tool on the webpage (https://smsheader.trai.gov.in/) to check for the SMS header associated with the message. 

TRAI has also mandated header registration for messages pertaining to transactional or promotional purposes. This has helped people identify the SMS header by simply looking into the database as made by TRAI.

Steps:

1. Go to https://smsheader.trai.gov.in/. The page looks like as shown below:

‍

2. Enter your Email, Name and complete the captcha under the Download/View Header Details and click on continue

‍

3. Enter the OTP received on your email with the captcha and click on continue

4. Now enter your SMS header in the format of AA-AAAA, where “AA” is your prefix and “AAAA” is your header name. For example, we have taken “AX-HDFCBK” as our sample header, so “AX” is our prefix and “HDFCBK” is our header name.

5. As soon as we press enter, the site returns the query with the information of the header, as shown below

Conclusion:

The importance of checking SMS headers is something that simply cannot be overemphasized. This is the principal procedure for identifying incoming messages as authentic, and on that basis, the users are able to make informed choices about the messages they receive. It also contributes to the rise of user safety and privacy.

The development of more transparent controls and a stronger decision-making process will make it easier for users to handle their digital lives. The Quick SMS Header Information service is easy and convenient to use, as its interface is simple and understandable for users of all technical levels.

In addition to this, TRAI's attempt to make available an online tool for the maintenance of a comprehensive database of SMS headers strengthens its position towards ensuring security for its users in the telecommunications sector.

‍

Introduction

According to the Finance Ministry's data, the incidence of domestic Unified Payment Interface (UPI) fraud rose by 85% in FY 2023-24 compared to FY 2022-23. Further, as of September of FY 2024-25, 6.32 lakh fraud cases had been already reported, amounting to Rs 485 crore. The data was shared on 25th November 2024, by the Finance Ministry in response to a question in Lok Sabha’s winter session about the fraud in UPI transactions during the past three fiscal years.

Statistics

‍

UPI Frauds and Government's Countermeasures 

On the query as to measures taken by the government for safe and secure UPI transactions and prevention of fraud in the transactions, the ministry has highlighted the measures as follows: 

• The Reserve Bank of India (RBI) has launched the Central Payment Fraud Information Registry (CPFIR), a web-based tool for reporting payment-related frauds, operational since March 2020, and it requires requiring all Regulated Entities (RE) to report payment-related frauds to the said CPFIR.

• The Government, RBI, and National Payments Corporation of India (NPCI) have implemented various measures to prevent payment-related frauds, including UPI transaction frauds. These include device binding, two-factor authentication through PIN, daily transaction limits, and limits on use cases.
• Further, NPCI offers a fraud monitoring solution for banks, enabling them to alert and decline transactions using AI/ML models. RBI and banks are also promoting awareness through SMS, radio, and publicity on 'cyber-crime prevention'.
• The Ministry of Home Affairs has launched a National Cybercrime Reporting Portal (NCRP) (www.cybercrime.gov.in) and a National Cybercrime Helpline Number 1930 to help citizens report cyber incidents, including financial fraud. Customers can also report fraud on the official websites of their bank or bank branches.
• The Department of Telecommunications has introduced the Digital Intelligence Platform (DIP) and 'Chakshu' facility on the Sanchar Saathi portal, enabling citizens to report suspected fraud messages via call, SMS, or WhatsApp.

Conclusion  

UPI is India's most popular digital payment method.  As of June 2024, there are around 350 million active users of the UPI in India. The Indian Cyber Crime Coordination Centre (I4C) report indicates that ‘Online Financial Fraud’, a cyber crime category under NCRP, is the most prevalent among others. The rise of financial fraud, particularly UPI fraud is cause for alarm, the scammers use sophisticated strategies to deceive victims. It is high time for netizens to exercise caution and care with their personal and financial information, stay aware of common tactics used by fraudsters, and adhere to best security practices for secure transactions and the safe use of UPI services.

References

• https://sansad.in/getFile/loksabhaquestions/annex/183/AU211_sk53e3.pdf?source=pqals

‍