WazirX recently conducted a preliminary investigation into a sophisticated cyber attack on its multi-signature Ethereum wallet. The attack, which took place earlier this month, raised significant concerns within the crypto community. Initially, the exchange attributed the hack to an issue with its custody service provider, Liminal, but further investigation revealed a different story.
Investigation Findings
According to WazirX’s blog post, no evidence was found that the machines of WazirX signers were compromised during the attack. The malicious transactions required the signatures of three WazirX signers and one from Liminal. Despite the rigorous security measures in place, the transactions were signed on devices at different locations that accessed the legitimate Liminal website.
Potential Breach Scenarios
WazirX outlined two possible scenarios that could explain the breach. The first scenario involves a breach within Liminal’s infrastructure, where malicious transactions were received directly from Liminal due to a compromise of their system. The second scenario involves malware infecting the devices of WazirX signers. However, no preliminary evidence has been found to support this theory.
The exchange emphasized that the malicious transactions did not originate from WazirX servers, pointing to a potential breach of Liminal’s security. Despite the catastrophic hack that occurred on July 18, WazirX assured its users that their fiat currency deposits remained safe. The exchange is working with relevant authorities and exploring possible partnerships to resolve the situation.
Cybersecurity experts have suggested the involvement of the North Korean Lazarus Group, which is known for advanced cyber attacks on financial institutions and crypto exchanges. The incident highlights the challenges of securing multi-signature wallets, particularly the risks associated with “blind signing,” where the hardware wallet does not display the transaction details to the signer. WazirX claims to have implemented industry-standard best practices to enhance security.
The WazirX cyber attack serves as a reminder of the evolving threats faced by cryptocurrency exchanges. The exchange’s response to the incident and its commitment to improving security measures are crucial in fostering trust among users. As the crypto landscape continues to evolve, exchanges must remain vigilant and proactive in safeguarding users’ assets.