In the aftermath of a $230 million security breach that rocked WazirX, one of India’s largest cryptocurrency exchanges, the company has pointed the finger at its wallet service provider, Liminal Custody, for the massive cyberattack. The announcement follows a month-long investigation by WazirX, which sought to determine the cause of the breach that led to the theft of digital assets from one of its multisignature wallets.
The investigation, conducted by Mandiant Solutions, a leading cybersecurity firm and subsidiary of Google, found no evidence that WazirX’s internal IT systems were compromised. Instead, the company has suggested that the breach stemmed from vulnerabilities within Liminal Custody’s digital asset custody and wallet infrastructure.
“While a detailed report is forthcoming, the findings largely indicate that the issue leading to the cyberattack originated from Liminal,” WazirX stated in a press release on Monday. The affected wallet, which required multiple signatures to authorize transactions, was managed using Liminal’s infrastructure, according to the exchange.
Liminal Custody, however, has strongly refuted these claims, asserting that its systems remained secure throughout the incident. In a statement released shortly after WazirX’s announcement, Liminal Custody questioned the security practices of the crypto exchange, highlighting that WazirX had control over five of the six keys required to access the wallet.
“If one were to go by the information WazirX has shared, this actually raises serious questions on the security of their network infrastructure, operational custody controls, and overall security posture,” Liminal Custody said. The company also disclosed that it had engaged independent auditors to conduct a thorough investigation into the incident.
The ongoing dispute between the two firms has escalated further, with WazirX’s founder and CEO, Nischal Shetty, taking to social media to express his concerns about Liminal’s role in the breach. In a post on X (formerly Twitter), Shetty raised several pointed questions regarding Liminal’s involvement in the cyberattack.
“Why/how did Liminal’s website show us a genuine transaction that was supposed to be signed and yet send incorrect payload for signing? Why and how did their firewall end up allowing the transaction which was not to the whitelisted address? Why and how did they end up signing and approving this malicious transaction?” Shetty asked.
Shetty also suggested that the possibility of insider involvement at Liminal could not be ruled out, adding further tension to the situation. Despite these accusations, Liminal has maintained that its systems were not at fault and has urged WazirX to reassess its own security measures.
The cyberattack, which targeted one of WazirX’s multisignature wallets, forced the exchange to temporarily suspend most of its operations as it scrambled to assess the damage and prevent further losses. The wallet in question required six signatures for transactions, with five of the signing keys controlled by WazirX and the remaining key held by Liminal Custody.
As the investigation continues, both WazirX and Liminal Custody are under intense scrutiny, with stakeholders and the broader cryptocurrency community closely watching for any developments. The outcome of this dispute could have significant implications for the security protocols and trustworthiness of crypto exchanges and wallet service providers in the future.
WazirX’s reliance on Mandiant Solutions to clear its name may not be enough to quell concerns, especially as Liminal Custody continues to challenge the findings. The incident underscores the critical need for robust security measures and transparent accountability in the fast-evolving world of cryptocurrency trading.