Indian crypto exchange WazirX: Indian cryptocurrency exchange WazirX has detailed a major security breach affecting one of its multisig wallets. The attack has resulted in the loss of digital assets worth more than $230 million. It has also been officially acknowledged by issuing a statement on X (formerly Twitter) and all withdrawals have been temporarily suspended to ensure the safety of the remaining assets.
Details revealed by WazirX report
According to WazirX’s ‘preliminary report’, the compromised wallet had been using Liminal’s digital asset custody and wallet infrastructure since February 2023. According to the report, this wallet was required to get approval from six signers (people who approve transactions) – five from WazirX and one from Liminal. For a transaction to be completed, three WazirX signers and a Liminal signer had to approve it. They also had a security rule that only allowed transactions to pre-approved addresses.
How did the hack happen?
The attackers were able to exploit the difference between what was shown on Liminal’s interface and what was actually happening in the transaction. They altered the transaction to gain control of the wallet, bypassing the security measures.
What did WazirX say?
WazirX claimed that even though it had strong security systems in place, the hackers still managed to breach it. The exchange is now trying to block any further deposits and recover the stolen funds.
What did Liminal say?
Liminal had clarified in an earlier statement that their system had not been breached. They said that the hacked wallet was created outside their system, and all wallets on their platform are safe.
Also read: Bharti Singh: Famous comedian Bharti Singh’s YouTube channel got hacked, know how you can keep it safe