The recent hack on India-based crypto exchange WazirX has brought attention to the security infrastructure of multiparty computation (MPC) wallet provider Liminal. In their post-mortem report released on July 19, Liminal stated that their system remained secure and was not compromised in the breach that resulted in an estimated loss of $235 million.
Analysis of the Breach
According to the report, the attack on WazirX was attributed to compromised devices within the exchange’s network, rather than any fault in Liminal’s user interface. The breach occurred because three of WazirX’s devices were compromised, allowing the attacker to exploit their multi-signature wallet system.
Liminal’s report highlighted a critical security flaw in WazirX’s system, where compromised devices provided legitimate transaction details that were manipulated by the attacker. The attacker used different admin accounts for initial transactions, leading to signature mismatches, which ultimately enabled the transfer of funds to their Ethereum account.
Responsibility and Accountability
While Liminal refuted the exchange’s claims that their servers caused incorrect information to be displayed, questions remain unanswered regarding how the attacker initially gained access to the compromised devices. The report suggested the possibility of a sophisticated man-in-the-middle (MIM) attack or similar client-side compromise as the likely cause.
WazirX has stated that they are reaching out to law enforcement and pursuing additional legal actions in response to the breach. The immediate plan of action includes tracing the stolen funds and conducting a deeper analysis in collaboration with forensic experts to recover customer funds.
The Liminal report provides valuable insights into the cybersecurity incident at WazirX and the vulnerabilities that led to the breach. The critical analysis of the attack underscores the importance of robust security measures in protecting user funds and preventing unauthorized access to sensitive information. As the investigation continues, it is essential for both Liminal and WazirX to take proactive steps to strengthen their security infrastructure and mitigate the risk of future breaches.
Leave a Reply