A Month After $230 Mn Crypto Heist, WazirX Dumps Wallet Infra Provider Liminal

Hit by a $230 Mn heist last month, crypto exchange WazirX is terminating its arrangement with wallet infrastructure provider Liminal.

In a post on X on Wednesday (August 14), the exchange said it is in the process of migrating its remaining assets held with Liminal to new multisig wallets. WazirX attributed the move to the need to ensure maximum security of its crypto assets in “light of recent events”, hinting at the crypto hack.

“This step (migrating assets) is essential to ensure maximum security of the assets in light of recent events. While we believe our interface and systems remain uncompromised, the same cannot be said for the custodian’s interface post the July 18th incident, prompting this precaution,” said WazirX. 

The homegrown crypto exchange also said that it is exercising “extreme caution” in how and when to transfer these assets due to the “complexity” of the entire process. Assuaging users of the safety of the move, the company refused to provide any exact timeline for the migration of the crypto assets. 

It is pertinent to note that this is not the first time that the Indian crypto exchange has sparred publicly with the wallet infrastructure provider. Right after the heist, WazirX claimed that the attack likely originated from Liminal’s infrastructure as the hackers bypassed the latter’s final verification step.

However, the digital asset management platform denied the allegations and claimed that the “incident originated from an external source”.

“… Our initial assessment indicates that Liminal’s platform, infrastructure, wallets, and assets remain secure… As a wallet infrastructure support platform, we emphasise that this incident originated from an external source, underscoring the crucial need for comprehensive security measures across platforms,” Liminal said at the time.

The latest development comes nearly a month after hackers decamped with crypto assets worth $230 Mn from WazirX’s multisig wallet on July 18. The cyberattack led to the loss of 45% of the crypto exchange’s customer funds. 

Quickly afterwards, the company announced a bounty programme and offered a prize of $23 Mn to help recover the stolen funds. It also called on blockchain forensics experts and cybersecurity professionals worldwide to help regain access to the stolen assets. 

Later on, US’ Federal Bureau of Investigation (FBI) reportedly joined the probe and attributed the hack to unnamed North Korean hackers. Last month, cybersecurity firm CYFIRMA claimed that North Korea-backed hacker group Lazarus was behind the security breach. 

Additionally, the crypto exchange had also sought public feedback from its users to make customers absorb 45% of the losses. After a public outlash, it “decided to go slow” on its 55-45 approach and later shelved the plan.

Last week, a first information report (FIR) was also filed by a special cell of the Delhi Police in connection with the $230 Mn cyberattack. Meanwhile, just days ago, a plea was filed before the National Company Law Tribunal (NCLT) against WazirX and others for an investigation into the high-profile crypto heist.

The post A Month After $230 Mn Crypto Heist, WazirX Dumps Wallet Infra Provider Liminal appeared first on Inc42 Media.