news-28072024-040558

WazirX recently revealed new information about the $235 million hack, pointing fingers at its custody service provider, Liminal Custody. The report suggests that a security breach at Liminal may have led to a fraudulent transaction to a hacker's wallet address being approved. The breach was not detected at first because nothing seemed suspicious on the surface.

The cyber attack involved signatures from three WazirX signers and one from Liminal, indicating the use of Liminal's infrastructure. Liminal's MPC wallet system uses one key that Liminal controls to sign transactions, ensuring that only approved transactions to whitelisted wallets are authorized.

However, it appears that the hacker manipulated Liminal’s interface, displaying a whitelisted address to all key holders involved in the transaction. This led to the transfer going to a completely different address owned by the hacker. The hardware security modules used for signing transactions did not display the receiver’s address, making it easier for the hacker to carry out the manipulation.

WazirX signers relied on transfer details displayed on the Liminal website to confirm what they were signing, assuming the transaction information was accurate. The malicious transaction signed by the key holders transferred control to the attacker, despite claims from Liminal that no breach occurred on their end.
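The gap described above is that signers approved what the website displayed rather than the bytes being signed. The following Python is an added example, not code from WazirX or Liminal: it reads the recipient out of the payload itself and compares it with the displayed details and a locally held whitelist. It assumes, for illustration only, that the payload is ERC-20 `transfer(address,uint256)` calldata; the addresses and function names are constructed for the example.

```python
# Added example: check the payload that will be signed, not the interface's rendering.
# Assumption: the payload is ERC-20 transfer(address,uint256) calldata.
TRANSFER_SELECTOR = bytes.fromhex("a9059cbb")  # selector of transfer(address,uint256)

# Constructed sample addresses (not taken from the incident).
WHITELISTED = "0x" + "11" * 20
UNKNOWN = "0x" + "ee" * 20
WHITELIST = {WHITELISTED}


def build_transfer(recipient: str, amount: int) -> bytes:
    """Encode constructed sample calldata for the checks below."""
    return TRANSFER_SELECTOR + bytes(12) + bytes.fromhex(recipient[2:]) + amount.to_bytes(32, "big")


def decode_transfer(calldata: bytes) -> tuple[str, int]:
    """Extract recipient and amount from the bytes themselves."""
    if len(calldata) != 68 or calldata[:4] != TRANSFER_SELECTOR:
        raise ValueError("payload is not a plain token transfer; refuse to sign blind")
    if calldata[4:16] != bytes(12):
        raise ValueError("recipient word has non-zero padding")
    return "0x" + calldata[16:36].hex(), int.from_bytes(calldata[36:68], "big")


def check_before_signing(calldata, shown_recipient, shown_amount, whitelist):
    """Return a list of reasons not to sign; an empty list means the checks passed."""
    try:
        recipient, amount = decode_transfer(calldata)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if recipient != shown_recipient.lower():
        problems.append("recipient in payload differs from recipient displayed")
    if recipient not in whitelist:
        problems.append("recipient in payload is not in the local whitelist")
    if amount != shown_amount:
        problems.append("amount in payload differs from amount displayed")
    return problems


if __name__ == "__main__":
    honest = build_transfer(WHITELISTED, 1000)
    swapped = build_transfer(UNKNOWN, 1000)  # display will still claim WHITELISTED
    print(check_before_signing(honest, WHITELISTED, 1000, WHITELIST))
    print(check_before_signing(swapped, WHITELISTED, 1000, WHITELIST))
```

The check is only useful when it runs on a device the signer controls and the whitelist is held locally, so that it does not depend on the same interface that rendered the transaction.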

Liminal has not responded to these new developments, despite previous claims that the hack did not originate from their systems. The exchange emphasized the importance of ensuring the security of all parties involved in such transactions and the need for increased vigilance in the face of sophisticated cyber attacks.

In light of this incident, it is crucial for companies and individuals using custodian services to conduct thorough security checks and implement additional layers of protection to prevent similar breaches in the future. The need for transparency and accountability in the cryptocurrency space is more important than ever to maintain trust and confidence among users and investors.