Liminal Custody Exonerated from Liability in $230 WazirX Hack: Audit Reveals

On September 9, an independent audit by Grant Thornton determined that the $230 million hack of the WazirX exchange in July 2024 did not stem from Liminal Custody’s infrastructure.

Audit Exonerates Liminal Custody in $230M WazirX Hack

A blog post from Liminal Custody stated that the audit revealed the breach took place outside its system, thereby absolving the Singapore-based crypto custodian of any direct involvement in the incident.

WazirX situation is a joke now
WazirX auditor states their systems are clean and they are not at fault
Liminal auditor confirms their systems are clean and they are not at fault
So did users tell the hacker to take their money? #WazirX

— Crypto with Khan ( SFZ ) (@Cryptowithkhan) September 9, 2024

The Indian crypto exchange WazirX experienced a hack in July, leading to a loss exceeding $230 million in assets. Initially, WazirX suspected that the problem might have arisen from vulnerabilities between Liminal’s interface and the actual transaction data. However, the audit results indicate otherwise.

Grant Thornton was engaged to evaluate Liminal Custody’s role in the breach. Following a thorough review of Liminal’s frontend and backend systems, the audit found no indications that the custodian’s infrastructure had been compromised.

Liminal Custody stated that its multi-signature wallet model, which enables clients to retain control of their keys, contributed to the security of its systems. The statement from Liminal highlighted that all transactions on its platform are initiated by clients, suggesting that the breach likely originated from the client’s end.

The custodial firm has noted that a comprehensive review by auditors is still necessary to fully comprehend how the breach transpired.

Significantly, after the hack, WazirX and Liminal Custody exchanged accusations, with the custodial firm questioning the exchange’s security measures and the validity of its audits.

It has been over a month since WazirX was hacked
Yet, no one is accepting responsibility for the hack.
Previously, Liminal held WazirX accountable for this hack.
Now WazirX is blaming Liminal for this hack.
@WazirXIndia has engaged a third-party independent forensic team, @Mandiant,… pic.twitter.com/wNabMpMcL6

— Wise Advice (@wiseadvicesumit) August 19, 2024

Nevertheless, Grant Thornton’s preliminary audit has ruled out Liminal as a source of the hack, shifting the focus to vulnerabilities within WazirX or its systems.

WazirX’s Socialized Loss Proposal Rejected by Users

In the aftermath of the hack, WazirX suggested a “socialized loss strategy” that would permit users to access 55% of their funds, while the remaining 45% would be retained by the exchange in Tether (USDT) tokens.

However, users vehemently opposed this proposal, accusing WazirX of shirking full accountability for the incident.

This backlash compelled WazirX to retract its plan, and the exchange has since committed to exploring alternative methods for compensating users who lost assets in the breach.

WazirX has also transferred its assets to new multi-signature wallets to enhance security following the attack, as its exchange company Zettai seeks support from white knights to assist WazirX.

While the precise origin of the breach remains uncertain, Grant Thornton’s audit highlights weaknesses within WazirX’s infrastructure rather than Liminal Custody’s systems.

Liminal’s secure infrastructure, along with their multi-signature wallets requiring client authorization, has considerably diminished the likelihood that the hack originated from their platform.

The post Liminal Custody Not Responsible for $230 WazirX Hack: Audit Finds appeared first on Cryptonews.