Following the $230 million hack of Indian crypto exchange WazirX earlier this month, cryptocurrency custody service provider Liminal has pushed back against accusations that the attack involved its infrastructure.
A Liminal spokesperson told Decrypt that the company’s systems were not compromised in order to recently funnel $230 million of WazirX’s crypto assets. A compromised multi-signature smart contract wallet used in the attack was allegedly “created independently and further imported on the Liminal platform,” they claimed.
“As a wallet infrastructure support platform, we emphasize that this incident originated from an external source, underscoring the crucial need for comprehensive security measures across platforms,” the spokesperson concluded.
The firm's statement doubled down on a July 19 Twitter post-mortem, in which it stated that its platform "was not breached," and that "Only one Gnossis [sic] SAFE wallet created previously by our client and imported into our platform is affected."
In light of recent events, we want to clarify that Liminal's platform was not breached. Our platform continues to remain secure and fully operational for all our clients, including WazirX.
As part of our security process, we've conducted a comprehensive forensic analysis. Our…
— Liminal Custody🚀 (@liminalcustody) July 19, 2024
That puts Liminal at odds with WazirX, which on July 25 published its own internal investigation into the hack, claiming that “malicious transactions involved signatures from three WazirX signers and one from Liminal, confirming the use of Liminal’s infrastructure.”
WazirX’s report claimed that the firm had “been unable to find any evidence that WazirX signers’ machines were compromised,” adding that, “the malicious transaction was not sent to any of the destination addresses in the whitelisted addresses, which should have been prevented by Liminal.”
In a July 29 announcement, Liminal stated that preliminary investigations pointed to “a customer level compromise via a sophisticated intrusion,” The firm told Decrypt its investigation found that the company’s “platform, infrastructure, wallets, and assets remain secure.”
Furthermore, Liminal added that its platform “continues to operate seamlessly” and has been processing transfers and withdrawals for all our customers. The firm noted that it, “securely protects all assets,” including “significant funds that continue to remain held on our infrastructure,” belonging to WazirX.
Decrypt has contacted WazirX for comment, and will update this article should they respond.
The hack earlier this month saw WazirX pause crypto and rupee withdrawals, after a "security breach" that saw almost $235 million in funds moved to a new address funded by coin mixer Tornado Cash.
Assets swapped to ETH in a series of “suspicious transactions” during the exploit reportedly included PEPE, GALA and USDT.