Exclusive: Liminal Denies Blame For $230M WazirX Hack Despite Forensic Probe

In a recent update on the ongoing WazirX hack investigation, the exchange has declared that its systems and laptops were not compromised during the $230 million cyberattack. This assurance follows a thorough forensic investigation by Mandiant Solutions, a Google subsidiary.

Citing the report, WazirX claimed the issue likely stemmed from its former infrastructure and custody partner, Liminal. However, the custodian has vehemently refuted the claims. Moreover, they raised questions on the exchange’s security systems.

WazirX Exchange Receives Clean Chit After Forensic Probe

WazirX, one of India’s largest crypto exchanges, experienced a significant hack last month. It resulted in the loss of nearly 45% of its holding assets. The attack targeted a multisig wallet, an advanced crypto wallet requiring multiple private keys to authorize transactions. The compromised wallet had six signatories: five from WazirX and one from Liminal.

According to the exchange, “All transactions from the Multisig wallet required approval from three members of WazirX, followed by the final authorization from Liminal.” Despite this, the forensic report stated, “We did not identify evidence of compromise on the three laptops that were used for signing transactions.”

The findings of Mandiant Solutions have led to claims that the WazirX hack was not due to internal failures but rather an issue with Liminal’s security. “The findings largely indicate that the issue leading to the cyberattack originated from Liminal,” the exchange said, according to a MoneyControl report.

The WazirX exchange has expressed full confidence in the forensic investigation and is committed to cooperating fully. Moreover, a spokesperson for the exchange commented:

“We have full faith in the investigating agency and shall cooperate with them to the fullest extent. We are actively working on recovering the stolen funds and are hopeful that those responsible will be brought to justice.”

In response to the WazirX hack, the exchange has implemented several recovery strategies. The platform is exploring options including a Bounty Program offering rewards up to $10,000 worth of USDT. Also, it released a poll to consider user opinion for next steps.

Furthermore, the Indian crypto exchange is engaging with rivals and industry peers for support or a potential buyout. Additionally, the WazirX exchange had earlier approached its former partner Binance. Earlier, Binance controlled a significant portion of its revenue and WRX tokens valued at $80 million.

Liminal’s Stance On These Allegations

In an official statement obtained by Coingape, Limited refrained to comment on the WazirX exchange’s stance “due to the lack of any information on the scope and methodology of the audit they have conducted.” However, they believe that the recent investigation “actually raises serious questions on the security of their network infrastructure, operational custody controls and overall security posture.”

The spokesperson highlighted that the exchange was the custodian for five of the six keys, raising further scrutiny. They added, “As far as our front-end and UI is concerned, our preliminary audit reports categorically indicate no breach in our front-end or UI. Please note that we have empanelled more than one reputed independent auditors to conduct forensic analysis and our detailed reports are expected to arrive within this week.”

Moreover, they remain “confident that the Liminal front-end and UI were not compromised and the report and findings will be shared as soon as they are made available to us.” Furthermore, they invited Mandiant to conduct the UI audit. They stated:

“In the interest of absolute transparency at our end, we have empanelled more than one reputed auditor and are open to empanelling additional auditors, including the likes of Mandiant to conduct the UI audit as well.”

Latest Updates By The Exchange

The crypto exchange has also engaged with the Financial Intelligence Unit of India (FIU) and the Indian Computer Emergency Response Team (CERT) to address the aftermath of the breach. As part of its response, the WazirX exchange initially proposed a “55/45 approach” to mitigate customer losses.

It would allow users to access and trade 55% of their portfolio tokens. Whilst, the remaining 45% user funds would be converted to USDT and locked until fund recovery. However, this proposal faced significant backlash from customers and was eventually scrapped.

Meanwhile, after the WazirX hack fiasco, Liminal is no longer a custody partner for the exchange. Also, the platform completed the restoration of balances by undoing all trades between July 18 and July 21. This action was taken as the platform failed to block unauthorized trades during that period.