A third-party forensic investigation into the $230 Mn crypto hack on WazirX found no evidence of compromise on the laptops that were used to process transactions from the hacked wallet
WazirX said that the findings largely indicate that the cyberattack originated from wallet infra provider and former partner Liminal
This comes days after WazirX made a U-turn on its proposal to make customers absorb 45% of the losses caused by the heist following massive backlash
A probe into the hack that led to the Indian crypto exchange WazirX losing more than $230 Mn from one of its multisig wallets has revealed that its systems and laptops were not compromised in the cyberattack.
Mandiant Solutions – a subsidiary of Google – which was hired by WazirX to carry out the forensic investigation, has given it a “clean chit”, the exchange said in a blog post.
A multisig wallet requires two or more private keys to access cryptocurrency assets or transfer them.
Last month, WazirX was hit by a cyberattack, with hackers stealing nearly $234.9 Mn in crypto assets, representing 45% of total user funds on the platform. Consequently, WazirX halted operations and withdrawals on the platform.
The security breach reportedly impacted WazirX’s Safe Multisig wallet, which required authorisation from three members of the crypto exchange and then a final go-ahead from former partner and wallet infrastructure provider Liminal to process transactions.
Mandiant did not find any evidence of compromise on the three laptops that were used for signing transactions, WazirX said, underlining that while a detailed report is awaited, the findings largely indicate that the cyberattack originated from Liminal.
WazirX noted that the hacked wallet was using Liminal’s digital asset custody and wallet infrastructure.
“We have full faith in the investigating agency and shall cooperate with them to the fullest extent. We are actively working on recovering the stolen funds and are hopeful that those responsible will be brought to justice,” a spokesperson for WazirX said.
Moneycontrol reported the development first.
This comes days after WazirX ditched Liminal and began migrating its remaining assets held with the latter to new multisig wallets.
Earlier this month, WazirX said that a first information report (FIR) has been filed in connection with the $230 Mn cyberattack on the crypto exchange.
Further, a petition has also been filed with the National Company Law Tribunal (NCLT) against WazirX and others seeking probe into the hack.
Earlier, it was also reported that WazirX has taken a U-turn on its socialised loss strategy following backlash from users. The crypto exchange had earlier proposed to make customers absorb 45% of the losses caused by the hack.
However, the proposal faced flak from the crypto community, with many deeming WazirX’s 55-45 approach as unfair as under the proposal, 45% of their portfolio tokens would have been converted into USDT-equivalent tokens and locked, which could have brought down the value of their overall portfolio
.