No Evidence Of WazirX Laptops Being Compromised In $230-Million Breach, Forensic Analysis Finds
WazirX has taken multiple steps in response to the breach, including the appointment of forensic auditors and reporting the incident to the Financial Intelligence Unit (FIU) India and CERT-In.
Cryptocurrency exchange WazirX has received a favourable outcome from a forensic analysis conducted by Mandiant Solutions, a subsidiary of Google, following a significant cyberattack that resulted in the theft of over $230 million (approximately Rs 2,000 crores) from one of the company’s Multisig wallets. The cyberattack had raised concerns about the potential compromise of laptops used by WazirX staff for executing transactions.
In a report submitted on August 14, Mandiant confirmed that there was no evidence to suggest that the three laptops used by WazirX team members for transaction-related activities had been compromised. While the detailed findings are still awaited, initial insights suggest that the vulnerability exploited in the attack may have originated from Liminal, the platform responsible for managing the affected wallet.
A WazirX spokesperson expressed confidence in the ongoing investigation and emphasised the company’s commitment to recovering the stolen assets. “We have full faith in the investigating agency and shall cooperate with them to the fullest extent. We are actively working on recovering the stolen funds and are hopeful that those responsible will be brought to justice,” the spokesperson said.
WazirX Breach: What Went Down
Earlier this month, WazirX filed a First Information Report (FIR) with the Delhi Special Cell, citing provisions under the Bharatiya Nyaya Sanhita and the Information Technology Act. The FIR detailed that WazirX had been using Liminal’s digital asset wallet management software for executing transactions, with a Multisig wallet requiring approvals from both WazirX and Liminal to authorise any transaction. The wallet, managed by six signatories (five from WazirX and one from Liminal), was designed to process transactions only after three approvals from WazirX followed by Liminal’s final authorisation.
On July 18, WazirX team members encountered error messages while attempting to process transactions via the Liminal platform. Shortly afterwards, they discovered that a significant amount of funds had been illicitly transferred from a Liminal-managed wallet to unauthorised addresses. Investigations revealed that hackers had managed to siphon off approximately $234 million worth of digital assets.
WazirX has since taken multiple steps in response to the breach, including the appointment of forensic auditors and reporting the incident to the Financial Intelligence Unit (FIU) India and CERT-In. The exchange has also reached out to over 500 crypto platforms worldwide, seeking their cooperation in blocking the compromised addresses. In a further effort to recover the stolen assets, WazirX has launched a bounty program, offering rewards of up to $10,000 in USDT for information leading to the recovery of funds, with a potential White Hat Bounty of up to $23 million.