- Forensic analysis by Mandiant Solutions found no compromise on WazirX's laptops used for signing transactions.
- Initial investigations point to issues originating from Liminal, while Liminal claims its front-end and user interface were not breached.
Indian cryptocurrency exchange and trading platform WazirX revealed on X on July 18 that one of its multisig wallets had experienced a security breach. As a result, $234.9 million (over ₹1900 crore) of WazirX’s funds were lost.
Nearly a month into its investigation of the security breach, WazirX announced on August 19 that its laptops were not compromised in the cyberattack, which led to the theft of over $230 million (Rs 2,000 crores) from one of its multisig wallets.
To investigate the breach, WazirX hired Mandiant Solutions, a Google subsidiary, to perform a forensic analysis. According to Mandiant's report, submitted on August 14, there is no evidence of compromise on the three laptops used for signing transactions. A detailed report is still awaited, but based on the preliminary findings, WazirX suggested that the issue might have started with Liminal.
“While a detailed report is forthcoming, the findings largely indicate that the issue leading to the cyberattack originated from Liminal. The wallet that was attacked was managed using Liminal’s digital asset custody and wallet infrastructure,” WazirX said.
In response to the investigation, Liminal Custody stated:
“We cannot comment on the statement put out by WazirX due to the lack of any information on the scope and methodology of the audit they conducted. However, if one were to go by the information they’ve shared, it raises serious questions about the security of their network infrastructure, operational custody controls, and overall security posture, given that they were the custodians for 5 of the 6 keys.”
Liminal further stated that their initial audit reports show no breach in their front-end or user interface. They have hired several well-known independent auditors to perform a forensic analysis, and the full reports are expected later this week. Liminal is confident that their front-end and UI were not compromised, and they will share the findings as soon as they are ready.
Meanwhile, WazirX is exploring recovery options, including launching a Bug Bounty Program with rewards of up to $10,000 in USDT. They have also been in discussions with competitors and peers for support or a potential buyout. WazirX even reached out to its former partner Binance, which reportedly held a significant portion of WazirX's revenue and WRX tokens valued at $80 million.
Additionally, the exchange has submitted its records to the Financial Intelligence Unit-India (FIU-IND) and the Indian Computer Emergency Response Team (CERT-In).
Edited by Harshajit Sarmah