Hacked crypto exchange WazirX on August 19 said that its systems and laptops were not compromised as per a forensic investigation following the $230-million cyberattack on one of its multisig wallets.
Multisig wallets are crypto wallets that require two or more private keys to unlock and move funds. In the security breach last month, WazirX, the country’s largest crypto exchange, lost nearly 45 percent of its asset holdings.
WazirX hired Mandiant Solutions, a Google subsidiary, to conduct the forensic investigation. The exchange said it has received a “clean chit” from Mandiant.
The hacked wallet had six signatories, of which five were from WazirX and one was from infrastructure and custody partner Liminal.
“All transactions from the Multisig wallet required approval from three members of WazirX, followed by the final authorisation from Liminal,” WazirX said.
The report said, “We did not identify evidence of compromise on the three laptops that were used for signing transactions.”
WazirX reiterated that while a detailed report is expected soon, “the findings largely indicate that the issue leading to the cyberattack originated from Liminal.”
“We have full faith in the investigating agency and shall cooperate with them to the fullest extent. We are actively working on recovering the stolen funds and are hopeful that those responsible will be brought to justice,” a WazirX spokesperson said.
In a strong denial later, Liminal's spokesperson said their front end and UI too were not compromised as per their preliminary audit reports. Liminal said it has "empanelled more than one reputed independent auditors to conduct forensic analysis and our detailed reports are expected to arrive within this week."
"We cannot comment on the statement put out by WazirX, due to the lack of any information on the scope and methodology of the audit they have conducted. Having said that, if one were to go by the information they’ve shared, this actually raises serious questions on the security of their network infrastructure, operational custody controls and overall security posture, given that they were the custodians for 5 of the 6 keys," the spokesperson said.
"We are confident that the Liminal front-end and UI were not compromised and the report and findings will be shared as soon as they are made available to us," they added.
Meanwhile, WazirX is also exploring recovery plans, including announcing a bounty program with rewards of up to $10,000 worth of USDT and speaking with rivals and peers for support or a buyout.
Moneycontrol had earlier exclusively reported that WazirX had even tapped its former partner Binance, which, according to sources, controlled a surplus of WazirX's revenue and its WRX tokens worth $80 million.
The exchange had also submitted its records to the Financial Intelligence Unit—India (FIU-IND) and the Indian Computer Emergency Response Team (CERT-In).
One of the proposed solutions had to be scrapped after facing heavy pushback from customers. The exchange had suggested a 55/45 approach, or socialising the losses, wherein, irrespective of whether a customer’s assets had been stolen, they would be able to access and trade around 55 percent of their portfolio tokens, as the exchange restarted trading on the platform.
