On September 9, an independent audit conducted by Grant Thornton found that the $230 million hack of the WazirX exchange in July 2024 did not originate from Liminal Custody’s infrastructure.
Audit Clears Liminal Custody of Responsibility in $230M WazirX Hack
According to a Liminal Custody blog post, the audit concluded that the breach occurred outside its system, clearing the Singapore-based crypto custodian of any direct involvement in the exploit.
WazirX situation is a joke now
WazirX auditor says their systems are clean and they're not at fault
Liminal auditor says their systems are clean and they're not at fault
To Kya Users Ne Khud Se Hacker Ko Bola Ki Le Jao Mere Paise#WazirX
— Crypto with Khan ( SFZ ) (@Cryptowithkhan) September 9, 2024
The Indian crypto exchange WazirX suffered a hack in July, resulting in a loss of over $230 million in funds. WazirX initially suspected that the issue may have stemmed from vulnerabilities between Liminal’s interface and the actual transaction data. However, the audit findings suggest otherwise.
Grant Thornton was hired to assess Liminal Custody’s involvement in the breach. After a detailed examination of Liminal’s frontend and backend infrastructure, the audit found no evidence that the custodian’s systems had been compromised.
According to Liminal Custody, the company’s multi-signature wallet model, which allows clients to maintain control of their keys, played a role in ensuring the safety of its systems. Liminal’s statement emphasized that any transactions on its platform are initiated by clients, meaning that the breach likely originated from the client’s side.
The custodial company has clarified that a complete review from auditors is still needed to understand fully how the breach occurred.
Notably, following the hack, WazirX, and Liminal Custody traded blame, as the custodial firm queried the exchange’s security infrastructure and audit validity.
It's been more than a month since WazirX got hacked
Still, nobody is taking responsibility for the hack.
Earlier, Liminal blamed WazirX for this hack.
Now WazirX is blaming Liminal for this hack.
@WazirXIndia has used a third-party independent forensic team, @Mandiant,… pic.twitter.com/wNabMpMcL6— Wise Advice (@wiseadvicesumit) August 19, 2024
Nonetheless, Grant Thornton’s initial audit has eliminated Liminal as a hack source, focusing attention on vulnerabilities within WazirX or its systems.
WazirX’s Socialized Loss Strategy Rejected by Users
In response to the hack, WazirX proposed a “socialized loss strategy” allowing users to access 55% of their funds, with the remaining 45% held by the exchange in Tether (USDT) tokens.
However, users strongly opposed this proposal, accusing WazirX of avoiding full responsibility for the incident.
The backlash forced WazirX to reverse its plan, and the exchange has since promised to explore other options for compensating users who lost funds in the breach.
WazirX has also moved its assets to new multi-signature wallets to improve security following the attack, as its exchange company Zettai calls for white knights’ support to rescue WazirX.
While the exact source of the breach remains unclear, Grant Thornton’s audit points to weaknesses within WazirX’s infrastructure rather than Liminal Custody’s system.
Liminal’s secure infrastructure, combined with their multi-signature wallets requiring client authorization, has significantly reduced the likelihood that the hack originated from their platform.
The post Liminal Custody Not Responsible for $230 WazirX Hack: Audit Finds appeared first on Cryptonews.
