Business

WazirX, Liminal Custody Blame Each Other as $230M Crypto Exploit Leaves Customers Stranded

  • Liminal Custody said three WazirX wallets were breached in the lead-up to the $230 million exploit.

  • WazirX said that a discrepancy on Liminal’s interface triggered the loss. If filed a police report today.

  • Security firm Elliptic said on Thursday that North Korean hackers appear to be behind the hack.

  • Over $67M in Crypto Lost to Hacks and Exploits in February: Immunefi Report

    00:56

    Over $67M in Crypto Lost to Hacks and Exploits in February: Immunefi Report

  • Running With Crypto: 5 Questions With TRM Labs' Ari Redbord

    00:59

    Running With Crypto: 5 Questions With TRM Labs’ Ari Redbord

  • Hacks Involving North Korea Are 'Even Greater Problem': Legal Experts

    09:43

    Hacks Involving North Korea Are ‘Even Greater Problem’: Legal Experts

  • Breaking Down the State of Hacking in 2024

    02:01

    Breaking Down the State of Hacking in 2024

  • WazirX and Liminal Custody, the two firms at the center of yesterday’s $230 million exploit, are blaming each other for the success of the attack, leaving users in the dark over the security of their funds.

    In a post on X, Indian crypto exchange WazirX said the exploit was related to a multisig wallet using Liminal’s digital asset custody service. The attack stemmed from a “discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents,” it said.

    Liminal, for its part, said its infrastructure had not been breached and that all wallets – including WazirX’s – remain safe. A multisig wallet is one that requires several people to sign a transaction before it can be executed.

    “There is no breach in Liminal’s infrastructure, wallets and assets,” Liminal said in a blog post. “Unfortunately three of the victims machines have been found injecting malicious payloads into the transaction indicating a sophisticated, well planned and targeted attack on one specific Gnosis Smart Contract Multi-Sig wallet.”

    The exchange filed a police report and engaged with the Indian Computer Emergency Response Team (CERT-In) earlier today. The stolen funds account for more than 45% of its $500 million holdings, according to a transparency report from June. Crypto security firm Elliptic said that North Korean hackers appear to be behind the exploit.

    Liminal did not respond to a request for comment.

    Edited by Sheldon Reback.

    Disclosure

    Please note that our

    privacy policy,

    terms of use,

    cookies,

    and

    do not sell my personal information

    has been updated

    .

    CoinDesk is an

    award-winning

    media outlet that covers the cryptocurrency industry. Its journalists abide by a

    strict set of editorial policies.

    In November 2023

    , CoinDesk was acquired

    by the Bullish group, owner of

    Bullish,

    a regulated, digital assets exchange. The Bullish group is majority-owned by

    Block.one; both companies have

    interests

    in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin.

    CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

    Related Articles

    Back to top button