Two months after hackers managed to steal over $230 million from India-based crypto exchange WazirX, the status of customer funds remains in doubt as the exchange and its custody provider, Liminal, continue to play the blame game.
Both firms continue to accuse the other of being at fault for the breach that allowed the hacker to steal customer funds, and there appears to be no resolution in sight, especially with internal investigations seemingly moving ahead at a snailâs pace.
Most recently, the firm faced legal threats from its customers, with the most notable pursuant being another rival exchange, CoinSwitch. The company initiated legal action against Wazir to recover 2% of its funds worth approximately $6.2 million.
Source: CoinSwitch
Thus, to gain injunctive relief, the exchange filed a moratorium application to obtain a 30-day extension for its internal investigation efforts.
However, as part of a recent affidavit, it was revealed that only 441 users â translating to approximately 0.02% of WazirXâs two million strong monthly user base â supported the appeal, which WazirXâs majority stakeholder, Zettai, filed. Despite the meager backing, the moratorium was passed on Sept. 13.
Despite its ongoing fund recovery efforts, WazirX recently said 43% of customer funds are irrevocably lost.
Liminal and WazirX try to wash their hands
To help clear its name and showcase that its digital infrastructure had not been compromised during the hack, Liminal announced on Sept. 9 that it had undergone an independent audit by multinational professional services firm Grant Thornton.
The audit found that Liminal did not find any evidence of the cyberattack originating from Liminalâs web apps or its back-end and front-end structures.
Recent: Venezuela oppositionâs Bitcoin reserve plan must overcome political turmoil first
Liminal stated that while its preliminary reports identified a mismatch between the data shared by the firm and the payload received from the clientâs systems, the audit report affirmed that the custody provider had nothing to do with the lost funds.
âWe now have multiple reviews which conclude that Liminalâs front end, back end and UI [user interface] are found with no evidence of any compromise or vulnerabilities related to the transaction workflow,â a Liminal spokesperson stated.
Around the same time, WazirX also enlisted the services of Google subsidiary Mandiant. Their findings confirmed that WazirXâs Laptops were not compromised during the attack, an assertion that had been widely circulating on the internet following the attack.
