The recent hack of India-based crypto exchange WazirX has sent shockwaves throughout the cryptocurrency community. However, multiparty computation (MPC) wallet provider Liminal has stepped forward to clarify that its infrastructure was not compromised in the attack. According to Liminal’s post-mortem report on July 19, the breach was attributed to compromised devices within WazirX’s network, absolving Liminal’s user interface (UI) from responsibility. This revelation sheds light on the complex nature of the hack and raises questions about the security measures in place at WazirX.
Liminal’s report detailed that the hack, which resulted in an estimated $235 million loss, occurred due to three of WazirX’s devices being compromised. The multi-signature wallet system implemented by Liminal was configured to provide a fourth signature if three valid signatures were received from WazirX. This setup inadvertently allowed the attacker to exploit the compromised devices within WazirX’s network, highlighting a critical vulnerability in the exchange’s security infrastructure.
The attack began when one of WazirX’s compromised devices initiated a legitimate transaction involving Gala Games tokens (GALA). Liminal’s server verified the transaction’s validity by issuing a “safeTxHash,” which was subsequently replaced by the attacker with an invalid hash, causing the transaction to fail. This manipulation of transaction details by the attacker showcases the depth of the breach and the extent to which WazirX’s devices were compromised.
Liminal refuted claims made by WazirX that its servers caused incorrect information to be displayed, asserting that the compromised devices within WazirX’s network sent malicious payloads. The MPC provider highlighted that its system automatically provides the final signature once the required number of valid signatures is received from the client, emphasizing the secure nature of its infrastructure. However, critical questions remain unanswered, including how the attacker initially gained access to the three WazirX devices, pointing to the possibility of a sophisticated man-in-the-middle (MIM) attack or similar client-side compromise.
In response to the hack, WazirX has reached out to law enforcement and is pursuing additional legal actions to address the breach. The immediate plan of action is to trace the stolen funds and conduct a deeper analysis of the hack in collaboration with forensic experts to recover the customer funds. This proactive approach by the exchange signals a commitment to mitigating the impact of the hack and restoring trust within the cryptocurrency community.
The recent hack on WazirX serves as a stark reminder of the evolving cyber threats facing cryptocurrency exchanges. The detailed post-mortem report released by Liminal unveils the complexities of the breach and underscores the need for robust security measures to protect against future attacks. By dissecting the attack process and understanding the vulnerabilities exploited by the attacker, the crypto community can work towards fortifying its defenses and safeguarding user assets.
Leave a Reply