Liminal Custody confirms its platform was not compromised but three WazirX devices were breached, leading to the $235 million hack.
Hackers employed sophisticated tactics to obtain necessary signatures for fraudulent transactions.
Liminal's infrastructure remains intact, and it continues operations unaffected by the incident.
There have been some interesting new developments!
Liminal Custody has published a detailed report on the recent $235 million hack that targeted WazirX, one of India’s biggest cryptocurrency exchanges. The report also states that Liminal’s platform was not compromised, but the attack originated from the compromised devices at This clarification comes after WazirX, in its incident overview of the hack, mentioned Liminal’s role in its preliminary findings.
Understanding the Source of the Breach
Liminal’s investigation revealed that three WazirX devices were compromised, serving as the weak links that allowed attackers to access the wallet. These devices provided the entry points for the sophisticated hacking campaign.
Signature exploits:
The hackers employed a series of signature exploits to authorize the fraudulent transactions:
First Signature Exploit: The attackers manipulated an attempt to create a transaction using the GALA protocol by exploiting discrepancies in the transaction data.
Second Signature Exploit: Another attempt by Keystone to execute a GALA transaction was compromised, indicating that multiple devices were involved in the attack.
Third Signature Exploit: Similarly, the attackers secured the third required signature during an approval attempt of a legitimate USDT transaction.
3. Final exploit
After obtaining all necessary signatures, the attackers executed a final transaction to transfer the funds into their control. These malicious transactions were orchestrated with signatures from each compromised sequence, demonstrating a highly sophisticated, coordinated, and fully automated attack.
Integrity Remains Intact
Specifically, the report rules out the idea that Liminal’s infrastructure was compromised, shedding light on its integrity. Other Gnosis SAFE wallets are used on the WazirX platform; however, all wallets on Liminal’s platform are still safe. Liminal is still running its business and serving clients without reported concerns regarding transactions and account withdrawals.
The Investigation Continues
In response to the breach, WazirX has filed a police complaint and is pursuing additional legal actions against the perpetrators. The incident has been reported to the Financial Intelligence Unit (FIU) and CERT-In. Additionally, WazirX has reached out to over 500 exchanges to block the identified addresses associated with the hack.
The question now is: How can the industry prevent such breaches from happening again?