WazirX and Liminal are passing the buck on the recent $230-million crypto hack that siphoned nearly half of WazirX’ digital assets. 

WazirX noted in a press release that a forensic investigation by Mandiant Solutions gives the exchange’s internal infrastructure a clean chit. The Google subsidiary (Mandiant) said in its report that WazirX’ systems and laptops were not compromised during the attack.  

The report concluded that the issue likely stemmed from its former infrastructure and custody partner, Liminal. However, the custodian has vehemently refuted the claims. Moreover, it has raised questions on the exchange’s security systems.

Liminal Custody has clarified that its systems were not compromised after the cyberattack was first detected.

“If one were to go by the information WazirX has shared, this actually raises serious questions on the security of their network infrastructure, operational custody controls and overall security posture, given that they were custodians for five of the six keys,” Liminal said in a statement.

The attack targeted a multisig wallet, an advanced crypto wallet that requires multiple private keys to authorise transactions. The compromised wallet had six signatories: five from WazirX and one from Liminal.

According to the exchange, “All transactions from the Multisig wallet required approval from three members of WazirX, followed by the final authorisation from Liminal.” Despite this, the forensic report said, “We did not identify evidence of compromise on the three laptops that were used for signing transactions.”

Related Topics