Liminal Custody Clears Name in $235 Million WazirX Hack

There have seen some new interesting developments!

Liminal Custody has published a detailed report on the recent $235 million hack that targeted WazirX, one of India’s biggest cryptocurrency exchanges. The report also states that Liminal’s platform was not compromised, but the attack originated from the compromised devices at This clarification comes after WazirX, in its incident overview of the hack, mentioned Liminal’s role in its preliminary findings.

Understanding the Source of the Breach

Liminal’s investigation revealed that three WazirX devices were compromised, serving as the weak links that allowed attackers to access the wallet. These devices provided the entry points for the sophisticated hacking campaign.

Signature exploits:

The hackers employed a series of signature exploits to authorize the fraudulent transactions:

Third Signature Exploit: Similarly, the attackers secured the third required signature during an approval attempt of a legitimate USDT transaction.

First Signature Exploit: The attackers manipulated an attempt to create a transaction using the GALA protocol by exploiting discrepancies in the transaction data.

Second Signature Exploit: Another attempt by Keystone to execute a GALA transaction was compromised, indicating that multiple devices were involved in the attack.

3. Final exploit

After obtaining all necessary signatures, the attackers executed a final transaction to transfer the funds into their control. These malicious transactions were orchestrated with signatures from each compromised sequence, demonstrating a highly sophisticated, coordinated, and fully automated attack.

Integrity Remains Intact

Specifically, the report excludes the idea that Liminal’s infrastructure was compromised, shedding light on its integrity. Other Gnosis SAFE wallets are used on the WazirX platform; however, all wallets on Liminal’s platform are still safe. Liminal is still running its business and serving clients without reported concerns regarding transactions and account withdrawals.

The Investigation Continues

In response to the breach, WazirX has filed a police complaint and is pursuing additional legal actions against the perpetrators. The incident has been reported to the Financial Intelligence Unit (FIU) and CERT-In. Additionally, WazirX has reached out to over 500 exchanges to block the identified addresses associated with the hack.

Read More About This: Who’s Behind the WazirX Hack? The Mastermind Revealed

The question now is: How can the industry prevent such breaches from happening again?