The post Liminal says infrastructure was not responsible for WazirX hack, blames compromised devices appeared on BitcoinEthereumNews.com.

Multiparty computation (MPC) wallet provider Liminal said its infrastructure remains safe and was not compromised in the recent hack of India-based crypto exchange WazirX. The firm made the statement in its post-mortem report on July 19. The report attributes the breach to compromised devices within WazirX’s network, clarifying that Liminal’s user interface (UI) was not responsible. The exchange had earlier stated that the attack occurred due to a discrepancy between the data displayed on Liminal’s interface and the actual contents of the transactions. WazirX said its private keys were secured with hardware wallets. Liminal’s post-mortem According to Liminal, the July 18 breach, which resulted in an estimated $235 million loss, occurred because three of WazirX’s devices were compromised. Liminal explained that its multi-signature wallet system was configured to provide a fourth signature if three valid signatures were received from WazirX. This setup allowed the attacker to exploit the compromised devices. Liminal’s report detailed that the attack began when one of WazirX’s compromised devices initiated a legitimate transaction involving Gala Games tokens (GALA). Liminal’s server verified the transaction’s validity by issuing a “safeTxHash.” However, the attacker replaced this hash with an invalid one, causing the transaction to fail. According to the firm: “The fact that the attacker could alter the hash suggests that WazirX’s device was compromised before the transaction attempt.” The report explained that the compromised devices at WazirX provided legitimate transaction details, which the attacker manipulated. In each of the three initial transactions, the attacker used different WazirX admin accounts, leading to transaction failures due to signature mismatches. The attacker then extracted the signatures from these failed transactions to initiate a new, fourth transaction, which was crafted to appear legitimate to Liminal’s system. Because this fourth transaction used valid details and the nonce from a previously failed transaction, it was…

---

Filed under: News - @ July 20, 2024 1:26 am