Crypto HacksCryptocurrencyNews

WazirX Cleared of Internal Failure as Liminal Denies $230M Hack Blame

Key Insights:

  • WazirX’s forensic investigation clears its systems, blaming former custody partner Liminal, which strongly refutes the allegations.
  • Liminal invites independent audits to verify its security after WazirX points to their involvement in the $230M hack.
  • WazirX explores recovery strategies post-hack, including a bounty program and industry partnerships for fund recovery efforts.

The WazirX exchange, one of India’s cryptocurrency platforms, recently announced that its internal systems remained secure following a $230 million hack that took place last month. A forensic probe led by Mandiant Solutions, a subsidiary of Google, confirmed that the cyberattack did not stem from a breach in WazirX’s internal infrastructure. 

However, the investigation pointed to Liminal, the exchange’s former custody partner, as a potential source of the compromise. Liminal, on its part, has rejected these accusations, raising concerns about WazirX’s security measures.

WazirX Forensic Probe Clears Exchange of Complicity

After suffering a breach that resulted in the loss of nearly 45% of its holding assets, WazirX engaged Mandiant Solutions to conduct an in-depth forensic audit. The attack targeted a multisignature (multisig) wallet, which requires multiple private keys for transactions to be authorized. In the case of the hacked wallet, six signatories were involved: five from WazirX and one from Liminal.

WazirX confirmed that three approvals from its own team were necessary for any transaction from the multisig wallet, with the final authorization needing to come from Liminal. Despite this, the Mandiant investigation did not detect any signs of compromise on the laptops that were used to authorize the transactions.

Following these findings, WazirX has expressed confidence that the breach was external. “We have full faith in the forensic investigation and are cooperating fully with the authorities,” a spokesperson for the exchange said. The platform is also taking active measures to recover the stolen assets and ensure that those responsible are brought to justice.

📰 Also read:  Everything You Need to Know About Crypto Capital Gains Tax in Germany, Italy, and France

Liminal Refutes Allegations and Criticizes Exchange Security

While WazirX has indicated that the breach originated from its former custody partner, Liminal has vehemently denied any fault. In an official statement obtained by Coingape, Liminal asserted that its infrastructure had not been compromised and questioned the security measures employed by WazirX. The custody provider pointed out that WazirX had control over five of the six keys required for the multisig wallet, a detail that they believe casts doubt on the exchange’s assertions.

Liminal further stated that their own audits, which are being conducted by multiple independent firms, have not found any breach in their front-end or user interface (UI). These audit results are expected to be finalized within the week. A Liminal spokesperson remarked, “Our preliminary audit reports categorically indicate no breach in our front-end or UI.” They added that their findings would be shared once they were completed.

In response to the forensic investigation conducted by Mandiant, Liminal has invited the cybersecurity firm to perform an audit of their UI, underscoring their commitment to transparency. The company reiterated its confidence that the forensic reports would exonerate them from any responsibility for the hack.

WazirX Implements Recovery Strategies and Engages With Regulators

In the aftermath of the attack, WazirX has implemented several recovery strategies aimed at minimizing the impact on its users. One initiative includes a Bounty Program offering rewards of up to $10,000 in USDT for information that could lead to the identification and apprehension of the perpetrators. The exchange is also engaging with the broader crypto community to gather opinions on the best course of action moving forward.

Additionally, WazirX has reached out to the Financial Intelligence Unit of India (FIU) and the Indian Computer Emergency Response Team (CERT) to address the repercussions of the breach. Initially, the exchange proposed a plan to allow customers access to 55% of their holdings while converting the remaining 45% into USDT, with the funds locked until recovery. This proposal, however, faced backlash from users and was eventually abandoned.

📰 Also read:  Tether Explores Boron Tokenization as Part of Turkey's Crypto Strategy

In a separate move, WazirX has approached industry peers, including former partner Binance, in an effort to seek assistance or a potential buyout. Binance had previously managed a large portion of WazirX’s revenue and held significant quantities of the platform’s native WRX tokens. Though discussions are ongoing, no concrete steps have been announced.

Ongoing Investigations and Security Upgrades

The WazirX hack has prompted the exchange to review and strengthen its security protocols. As part of its response, WazirX completed the restoration of balances for affected users by undoing unauthorized trades that took place between July 18 and July 21. These trades occurred as the exchange struggled to block the attackers from executing unauthorized transactions.

Liminal, which is no longer a custody partner for WazirX, continues to maintain its stance that the breach was not due to any failure on their end. The custodian has enlisted multiple independent auditors to review its systems and expects to release detailed reports soon. The outcome of these investigations could play a crucial role in determining whether WazirX’s allegations against Liminal hold merit.


Tokenhell produces content exposure for over 5,000 crypto companies and you can be one of them too! Contact at info@tokenhell.com if you have any questions. Cryptocurrencies are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by Tokenhell authors (namely Crypto Cable , Sponsored Articles and Press Release content) and the views expressed in these types of posts do not reflect the views of this website. Tokenhell is not responsible for the content, accuracy, quality, advertising, products or any other content or banners (ad space) posted on the site. Read full terms and conditions / disclaimer.

📰 Also read:  Coinbase vs. Binance: How Do the Leading Centralized Exchanges Compare?

Curtis Dye

Curtis is a cryptocurrency news and analytics author with a focus on DeFi, BLockchain, CeFi, NFTs etc. He has publication skills such as SEO optimization, Wordpress, Surfer tools and aids his viewers with insights on the volatile crypto industry.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close
Skip to content