Date: 2024-08-19

Nearly a month after conducting a preliminary investigation into a security breach that led to a loss of $230 million at WazirX, the embattled crypto exchange claimed that a separate forensic analysis found no compromise of its IT systems.

WazirX said the investigation was led by cybersecurity firm Mandiant Solutions, a subsidiary of tech giant Google.

Citing the preliminary investigation and the forensic analysis of the security breach, the firm has once again pinned the blame for the cyberattack on its wallet service provider, Liminal Custody.

“While a detailed report is forthcoming, the findings largely indicate that the issue leading to the cyberattack originated from Liminal. The wallet that was attacked was managed using Liminal’s digital asset custody and wallet infrastructure,” the company said in a press release.

After the cyberattack was first detected, Liminal Custody had clarified that its systems were not compromised.

“If one were to go by the information WazirX has shared, this actually raises serious questions on the security of their network infrastructure, operational custody controls, and overall security posture, given that they were the custodians for 5 of the 6 keys,” Liminal said in a statement.

The company added that it had empanelled auditors to investigate the case.

In a post on social media platform X (formerly Twitter), Nischal Shetty, founder and chief executive officer (CEO) of WazirX, said the company was yet to ‘hear credible answers from Liminal.’

Shetty raised concerns about the extent of the breach on Liminal’s systems while expressing scepticism about the service provider regarding the involvement of an insider leading to the theft of funds.

“Why/How did Liminal’s website show us a genuine transaction that was supposed to be signed and yet send incorrect payload for signing? Why and how did their firewall end up allowing the transaction which was not to the whitelisted address? Why and how did they end up signing and approving this malicious transaction?” he said in the post.

WazirX quoted Mandiant’s findings, stating that the cybersecurity firm “did not identify evidence of compromise on the three laptops that were used for signing transactions” at the crypto exchange.

Last month, one of WazirX’s multisig wallets suffered a breach, following which the company temporarily suspended most of its operations.

The affected multisig wallet at the firm had six signatories: five managed by WazirX and one by Liminal Custody, a platform that services the crypto exchange’s wallets.

A ‘multisig’ or multisignature wallet is a crypto wallet that requires two or more private keys to unlock and withdraw funds.