According to ChainCatcher, crypto exchange WazirX released preliminary findings of a cyber attack on its X platform, saying that one of its multi-signature wallets had suffered a cyber attack, resulting in a loss of more than $230 million.

Since February 2023, the wallet has been operating using Liminal’s digital asset custody and wallet infrastructure services. Regarding the wallet configuration and the attack mechanism, the wallet has six signers - five from the WazirX team and one from Liminal, who are responsible for transaction verification. A transaction usually needs to be approved by three WazirX signers (all of whom use Ledger hardware wallets for security), and then a final approval is made by Liminal’s signer. For enhanced security, WazirX also implemented a policy of whitelisting destination addresses. These whitelisted addresses are marked and set by Liminal on the interface, so the WazirX team has the ability to initiate transactions to these whitelisted addresses. Regarding the nature of the cyberattack, the cyberattack originated from the discrepancy between the data displayed on Liminal’s interface and the actual transaction content. At the time of the attack, the information displayed on Liminal’s interface did not match what was actually signed, so it is suspected that the attacker replaced the payload in order to gain control of the wallet.

WazirX said: “This is a force majeure event beyond our control, but we are working tirelessly to track and recover the funds. We have blocked several deposits and contacted the relevant wallets for recovery. We are working with the best resources to help us complete this task. While this is the result of our initial investigation, we will continue to provide further updates.”