Liminal Custody, a cryptocurrency custody provider, claims that an independent audit concluded the hack of WazirX for $230,000,000 was not caused by vulnerabilities in their infrastructure.
A blog from Liminal on September 9, 2009, stated that an audit conducted by Grant Thornton had confirmed the fact that Liminal Custody infrastructure wasn’t involved in WazirX’s $230 million hack. According to reports, the findings revealed that this breach took place outside of Liminal’s infrastructure.
WazirX hacker’s not able to breach Liminal systems
The WazirX hackers stole more than 230 millions dollars in various crypto currencies from the exchange, forcing it to stop all its operations.
WazirX’s first report on the incident cited discrepancies in Liminal interface data and transactions as possible sources of breach.
The audit by Grant Thornton found that there was no indication of a compromise in Liminal’s system.
Liminal Custody has stated that their “frontend, backend infrastructure” is safe and secure. There are no vulnerabilities in the system that would affect transaction flow.
The custodian said that the discrepancy between data payloads received by the client and the ones generated by the system could be caused either due to weaknesses in the infrastructure of the client or custodian front-end systems.
The blog stated that Liminal still awaits a “full end-to-end audit” by its auditors.
Liminal also stressed that the multi-signature wallet ensures the keys of the clients remain in the client’s possession, while all transactions originate at the client end, making it impossible to perform transactions on its own.
In contrast to the findings of the past, WazirX’s independent forensics analysis, conducted by Mandiant Solutions (a subsidiary of Google), found that there was no evidence on any of the laptops the exchange used for transactions.
The true cause of the breach is still unknown.
WazirX hack efforts to recover in vain
WazirX’s hack on July 18, 2018 stands out among the major cyber security breaches of 2018.
The attack resulted in the theft of over 15,000 Ethereums and other tokens from a multisignature wallet. This impacted 45% customer funds and left WazirX struggling with maintaining a 1:1 ratio for collateral, which put the stability of the platform at risk.
The Delhi Police received a First Information Report on 6 August and launched a Bounty Program. However, these efforts were unsuccessful.
Tornado Cash is a cryptocurrency mixing service that has been used by the attackers to convert and launder stolen funds.
Data from Arkham showed that on Sep. 9 a total of 5,000 ETH worth approximately $11 million was transferred to a different address.
Tornado Cash received an additional $1.2 Million in tokens after five more transactions.
As of the date of this article, 7200 ETH valued at approximately $16.78million had been laundered. The perpetrators were still holding tokens worth $107million in their main wallet.
WazirX, in the meantime is pursuing a Singapore Scheme of Arrangement. This restructuring process, which falls under Singapore’s laws on insolvency, allows a financial distressed company to restructure their debts, under the supervision of Singapore High Court.
The post WazirX Hack: Audit clears Liminal Custody in $230 Million Breach appeared first on ICD
This site is for entertainment only. Click here to read more
