Google’s Mandiant Debunks Laptop Compromise Claims in WazirX $234M Breach

Mandiant said it found no evidence of compromise on the three WazirX laptops used for signing transactions.

Crypto Reporter Shalini Nagarajan Crypto Reporter Shalini Nagarajan About Author Shalini is a crypto reporter who provides in-depth reports on daily developments and regulatory shifts in the cryptocurrency sector. Author Profile Share Copied Last updated: August 19, 2024 04:35 EDT

Why Trust Cryptonews With over a decade of crypto coverage, Cryptonews delivers authoritative insights you can rely on. Our veteran team of journalists and analysts combines in-depth market knowledge with hands-on testing of blockchain technologies. We maintain strict editorial standards , ensuring factual accuracy and impartial reporting on both established cryptocurrencies and emerging projects. Our longstanding presence in the industry and commitment to quality journalism make Cryptonews a trusted source in the dynamic world of digital assets. Read more about Cryptonews

About a month after hackers breached WazirX, leading to a $234m loss, Google-owned cybersecurity firm Mandiant cleared the crypto exchange, confirming there were no security breaches.

On Monday, Mandiant said in a blog that the exchange hired the firm to perform a forensic analysis following the incident. The objective was to assess whether any among the three laptops the WazirX team used had been compromised.

“We did not identify evidence of compromise on the three laptops that were used for signing transactions,” Mandiant said.

Mandiant’s Early Findings Indicate Liminal as Likely Origin of WazirX Hack

Mandiant said it would release a more detailed report. But preliminary findings suggest Liminal, WazirX’s multi-party computation wallet provider, was at the cyberattack’s source.

“We have full faith in the investigating agency and shall cooperate with them to the fullest extent,” a WazirX spokesperson said. “We are actively working on recovering the stolen funds and are hopeful that those responsible will be brought to justice.”

Meanwhile, WazirX co-founder Nischal Shetty said on X: “We’re glad that it’s all clear there is NO compromise on WazirX side.” He added the team is yet to hear credible answers from Liminal on what led to the cyberattack.

Liminal chose to blame WazirX laptops quickly post the incident without any proofs.

WazirX decided to bring in one of the best forensic team which is Mandiant, a Google subsidiary, to conduct a thorough forensic analysis of all three laptops that were involved during the… https://t.co/A285cMtNoA — Nischal (Shardeum) 🔼 (@NischalShetty) August 19, 2024

Exchange Alleges Liminal Security Failure, Shifts Assets to New Wallets

Last week, WazirX announced it would move remaining assets from custody partner Liminal to new multisig wallets. The exchange implied that Liminal was likely the origin of the breach. However, both WazirX and Liminal have issued contradictory statements, each accusing the other of being responsible for the hack.

In a report issued on July 25, WazirX declared it found no signs of compromise in its infrastructure’s signer machines.

The investigation further showed that the transactions from the hack were executed via Liminal’s infrastructure, using three signatures from WazirX and one from Liminal. This points to a possible flaw in Liminal’s security measures. The exchange stated that the Liminal MPC wallet, designed to block withdrawals to unauthorized addresses, did not function as intended.