WazirX finds no evidence of compromised devices after preliminary investigation

News Feed - 2024-07-26 03:07:00

Christopher Roark

The exchange received emails from Liminal with the correct destination addresses, implying that Liminal’s system was breached, WazirX claimed.

A preliminary investigation of the July 18 WazirX cryptocurrency exchange hack did not find “any evidence that WazirX signers’ machines were compromised,” according to a July 25 report from the exchange’s team. The post suggested that a breach in the system of multi-party computation (MPC) wallet provider Liminal may have been the cause of the $235 million exploit.


Liminal previously released a report suggesting that compromised WazirX machines were the cause of the exploit.


“Our preliminary findings have not found any evidence that WazirX signers’ machines were compromised,” the July 25 WazirX report states. The team is conducting a “thorough forensic analysis to uncover the full details of the cyber attack” and will share “conclusive evidence” of what happened once this analysis is complete.

WazirX hack analysis. Source: WazirX.


According to WazirX, despite searching for evidence that their own devices were compromised, the team’s investigators “have been unable to find any evidence that WazirX signers’ machines were compromised.” Instead, they found that the attack “involved the flow of transactions through Liminal infrastructure, as evidenced by the use of 3 WazirX signatures and 1 Liminal signature.”


The Liminal MPC wallet was supposed to prevent any withdrawals from being sent to non-whitelisted addresses. But it failed to do so, WazirX claimed.


In addition, the malicious transaction “upgraded the [multisig wallet] contract to transfer the control to the attacker,” which Liminal’s interface is not supposed to allow.


The report claims that India’s Central Bureau of Investigation (CBI) is a client of Liminal, as it uses the service to store assets seized during investigations. It suggests that the agency may not have used Liminal as a trusted custodian if it had known the wallet contract could be upgraded through Liminal’s interface.

“We have representations from Liminal that their interface does not allow initiating contract upgrade from its interface. It is pertinent to state here that the Central Bureau of Investigation (CBI), India’s premier investigative agency, has entrusted Liminal Custody Solutions with the secured non-custodial storage of digital assets seized during investigations which may also be based upon such representations by Liminal.”


The report hypothesizes that there are only two ways the hack could have occurred. First, Liminal’s infrastructure could have been breached, causing its user interface (UI) to display false information when viewed by WazirX employees. Second, three separate WazirX devices could have been compromised, causing local copies of the UI to display false information.


However, multiple pieces of evidence suggest that Liminal’s infrastructure was breached, not WazirX’s, the report argues. First, there was no new connection request sent to WazirX’s hardware wallets. Second, the request came from a whitelisted address. Third, all of the signers “saw the expected token name (USDT and GALA) and destination address on the Liminal interface as well as received email notifications.”


WazirX claims that these findings provide strong evidence that a Liminal breach was the cause of the attack. Even so, they “await conclusive forensic results before making a final determination.”


The report also seeks to draw attention to the hack’s wider implications for the crypto community. One major cause of the hack was the necessary practice of “blind signing” token transactions from hardware wallets. Because token transactions do not show a destination address on the wallet’s LED screen, the user cannot definitively know where they are sending their tokens. Instead, they must rely on a separate device or custody provider’s interface to give them this information.


“If a custody provider’s infrastructure is compromised, there’s a theoretical risk that displayed transaction information could be manipulated, even with robust security measures in place,” the report stated.
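The blind-signing gap described above can be narrowed by decoding the raw transaction payload independently of the custody interface before approving it. The following Python sketch is an added example, not code from WazirX, Liminal or the report; it is narrowed to a plain ERC-20 `transfer` (where the transaction's `to` field is the token contract and the real recipient sits inside the calldata), and all function names and addresses are hypothetical, constructed values.

```python
# Added example. All addresses are constructed placeholders, not incident data.
TRANSFER_SELECTOR = "a9059cbb"  # first 4 bytes of keccak256("transfer(address,uint256)")

def decode_erc20_transfer(calldata_hex):
    """Return (recipient, amount) if calldata is a plain ERC-20 transfer, else None."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    # 4-byte selector plus two 32-byte ABI words = 136 hex characters
    if len(data) != 136 or not all(c in "0123456789abcdef" for c in data):
        return None
    if data[:8] != TRANSFER_SELECTOR:
        return None
    addr_word, amount_word = data[8:72], data[72:136]
    if addr_word[:24] != "0" * 24:  # a 20-byte address is left-padded with zeros
        return None
    return "0x" + addr_word[24:], int(amount_word, 16)

def review_before_signing(tx_to, calldata_hex, displayed_recipient,
                          expected_token, whitelist):
    """Compare what the interface displayed with what the raw payload encodes."""
    decoded = decode_erc20_transfer(calldata_hex)
    if decoded is None:
        # A payload the checker cannot decode is a blind sign: refuse it.
        return ["payload is not a plain ERC-20 transfer; do not sign blind"]
    findings = []
    recipient, _amount = decoded
    if tx_to.lower() != expected_token.lower():
        findings.append("transaction targets an unexpected contract")
    if recipient != displayed_recipient.lower():
        findings.append("recipient in payload differs from recipient shown in UI")
    if recipient not in {a.lower() for a in whitelist}:
        findings.append("recipient in payload is not whitelisted")
    return findings

def build_transfer(recipient, amount):
    """Helper that builds constructed sample calldata for the checks above."""
    return "0x" + TRANSFER_SELECTOR + recipient[2:].rjust(64, "0") + format(amount, "064x")

# Constructed sample values
TOKEN = "0x" + "11" * 20
GOOD = "0x" + "aa" * 20
OTHER = "0x" + "bb" * 20
```

The check only helps if it runs on a device and code path that do not depend on the custody provider's interface, since that interface is the component assumed to be untrusted.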


In Liminal’s July 19 report on the attack, it claimed that its server infrastructure “is not breached and all wallets on Liminal’s infrastructure, including WazirX’s other Gnosis SAFE wallets deployed entirely from within Liminal’s platform continue to remain safe & secure.” It suggested that the attack may have been caused by an attacker gaining control of all three of the WazirX devices.




The practice of “blind signing” is widely regarded as a security problem within the hardware wallet community. In December, hardware wallet manufacturer Ledger promised to reimburse users after more than $600,000 of assets were stolen from them through blind signing exploits. Ledger promised to disable the ability to blind sign after June 2024. In its report, WazirX did not state what brand of hardware wallets its employees used.

