Multiparty Computation (MPC) Wallet Provider Liminal Ensures Safety After WazirX Hack
Liminal, a provider of multiparty computation (MPC) wallets, reassured its users that its infrastructure remains secure following the recent hack of Indian cryptocurrency exchange WazirX. In a post-mortem report released on July 19, the company clarified that its user interface was not responsible for the breach.
WazirX Hack Explained
According to Liminal’s investigation, the hack on July 18 was a result of compromised devices within WazirX’s network. The breach led to an approximate loss of $235 million. Liminal’s multi-signature wallet system was configured to require three valid signatures from WazirX to authorize transactions. However, the attacker was able to exploit a vulnerability in WazirX’s devices to obtain a fourth signature, bypassing security measures.
Security Measures in Place
WazirX had previously stated that its private keys were stored securely in hardware wallets. Despite the breach, Liminal emphasized that its MPC technology remains safe and that it continues to work on enhancing security protocols to prevent similar incidents in the future.
Security Breach at WazirX Exposed in Liminal Report
A recent report by cybersecurity firm Liminal has exposed a security breach at WazirX, a popular cryptocurrency exchange platform. The report revealed that compromised devices within WazirX’s system were used in a sophisticated attack involving Gala Games tokens.
The attack, as detailed by Liminal, began with a compromised WazirX device initiating a legitimate transaction using Gala Games tokens. The server issued a “safeTxHash” to verify the transaction, which was then replaced by the attacker with an invalid hash, resulting in the transaction’s failure.
Liminal’s findings indicated that the attacker had access to WazirX’s device prior to the transaction attempt, allowing them to manipulate legitimate transaction details provided by the compromised devices. The attacker used different admin accounts in three initial failed transactions, causing signature mismatches and transaction failures.
Subsequently, the attacker extracted signatures from the failed transactions to create a fourth transaction that appeared legitimate to Liminal’s system. This sophisticated attack highlights the importance of robust cybersecurity measures to protect against such breaches in the cryptocurrency industry.
Security Breach at Liminal
Recently, there was a security breach at Liminal, a company that provides MPC services. The breach occurred when an attacker used valid details from a previous failed transaction to gain access to Liminal’s server. This resulted in funds being transferred from a multisig wallet to the attacker’s Ethereum account.
Response to WazirX Claims
Liminal has refuted claims made by WazirX, an exchange platform, that Liminal’s servers were responsible for displaying incorrect information. Liminal stated that the breach was due to compromised devices at WazirX sending malicious payloads to Liminal’s server.
According to Liminal, three devices from the victim’s transactions sent out malicious payloads, leading to the belief that local machines were compromised. The MPC provider clarified that its system automatically provides the final signature once the required number of valid signatures is received from the client.
In this particular case, the transaction was authorized by three WazirX employees. The multisig wallet, following the exchange’s configuration, was deployed and imported into Liminal’s system at WazirX’s request.
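The co-signing step described above depends on what the server checks before it adds the final signature. The following is an added illustration, not code from Liminal, WazirX or the multisig contract: it sketches a co-signer policy that recomputes the transaction hash from the submitted payload, checks the destination against a whitelist, and counts only signatures made over that recomputed hash. It assumes SHA-256 as a stand-in for the real safeTxHash computation and HMAC as a stand-in for signer signatures; all keys, addresses and function names are constructed.

```python
import hashlib
import hmac
import json

# Constructed demo keys; HMAC stands in for each signer's real signature scheme.
SIGNER_KEYS = {"admin1": b"key-1", "admin2": b"key-2", "admin3": b"key-3"}
WHITELIST = {"0xTREASURY"}   # constructed whitelisted destination address
THRESHOLD = 3                # client signatures required before co-signing

def tx_hash(tx: dict) -> bytes:
    """Stand-in for safeTxHash: a digest covering every field of the transaction."""
    return hashlib.sha256(json.dumps(tx, sort_keys=True).encode()).digest()

def sign(signer: str, digest: bytes) -> bytes:
    """Stand-in signature by one signer over a transaction digest."""
    return hmac.new(SIGNER_KEYS[signer], digest, hashlib.sha256).digest()

def cosign_decision(tx: dict, claimed_hash: bytes, sigs: dict) -> str:
    """Return 'cosign' only if payload, hash, destination and signatures all agree."""
    digest = tx_hash(tx)  # recompute server-side; never trust the client's hash
    if not hmac.compare_digest(digest, claimed_hash):
        return "reject: hash does not match payload"
    if tx["to"] not in WHITELIST:
        return "reject: destination not whitelisted"
    # Count only known signers whose signature verifies over the recomputed digest.
    valid = {s for s, sig in sigs.items()
             if s in SIGNER_KEYS and hmac.compare_digest(sig, sign(s, digest))}
    if len(valid) < THRESHOLD:
        return "reject: not enough valid signatures"
    return "cosign"

if __name__ == "__main__":
    shown = {"to": "0xTREASURY", "value": 10, "nonce": 7}  # what signers believe they approve
    signed = dict(shown, to="0xOTHER")                     # payload the devices actually signed
    h_signed = tx_hash(signed)
    sigs = {s: sign(s, h_signed) for s in SIGNER_KEYS}
    print(cosign_decision(signed, h_signed, sigs))         # destination check fires
    print(cosign_decision(shown, tx_hash(shown), sigs))    # signatures cover a different hash
```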
The Unanswered Questions Surrounding the WazirX Security Breach
Following the security breach at WazirX, there are still several critical questions that remain unanswered. One of the main concerns is how the attacker was able to gain access to the three WazirX devices in the first place.
Liminal, a cybersecurity firm, has suggested that a sophisticated man-in-the-middle (MITM) attack or a similar client-side compromise could be responsible for the breach. Despite WazirX’s use of robust security measures, including hardware wallets and whitelisted destination addresses, the attacker was still able to breach these defenses in what the exchange described as a “force majeure event.”
WazirX has not publicly addressed Liminal’s findings and has not responded to requests for comment. The exchange has stated that it is working with law enforcement and is pursuing additional legal actions in response to the breach.
The immediate plan of action for WazirX is to trace the stolen funds and conduct a deeper analysis of the breach with the help of forensic experts in order to recover the customer funds.