Wazirx informs users: Google's Mandiant confirms no laptop breach in cyberattack

Indian cryptocurrency exchange Wazirx said cybersecurity firm Mandiant, a subsidiary of Google, has confirmed that the Wazirx team’s laptops were not compromised in the $230 million cyberattack. The exchange added that attention is now focused on the wallet infrastructure of its custodian Liminal and that the findings of the investigation have been shared with law enforcement and other agencies to assist in the recovery of stolen assets.

Hack investigation reaches major milestone, Wazirx says

Indian cryptocurrency exchange Wazirx announced on Monday that it has reached a “significant milestone” in its investigation into the recent cyberattack. The company revealed on social media platform X that cybersecurity firm Mandiant, a subsidiary of Google, has verified that the laptops used by Wazirx team members were not compromised in the breach.

The cryptocurrency exchange stated:

Mandiant, a leading cybersecurity firm and a subsidiary of Google, has confirmed that the laptop used by Wazirx group members in the recent $230 million cyberattack was not compromised.

The announcement comes after weeks of analysis following the theft of more than ₹2,000 crore ($230 million) in digital assets from one of Wazirx’s multi-signature wallets. Wazirx noted that the findings “have been shared with law enforcement and other investigative agencies to assist in the recovery of stolen assets.”

According to the exchange, Mandiant filed its report on August 14, finding no evidence of compromise on the three laptops used by Wazirx to sign the transaction. Wazirx quoted the report as stating: "We have not identified evidence of compromise on the three laptops used to sign the transaction." The exchange added that the investigation is currently focused on the wallet infrastructure managed by custodian Liminal.

Wazirx co-founder Nischal Shetty explained on X that the exchange hired Mandiant to conduct a comprehensive forensic analysis of the three laptops involved in the signing process because Liminal blamed the Wazirx laptop for the cyberattack without providing any evidence. “This Mandiant report should put to rest any criticism of wrongdoing or malice on Wazirx’s part. Wazirx followed industry best practices and the report demonstrates that there was no compromise on Wazirx’s part,” Shetty stressed.

He also mentioned that Wazirx is still waiting for answers from Liminal on a number of important issues, including the cause and extent of the breach, the possibility of insider involvement, how their website displayed real transactions while sending an incorrect payload for signing, why the firewall allowed transactions to non-whitelisted addresses, and how the malicious transactions were signed and approved. The co-founder added:

In parallel, we are also working on resolving issues related to INR and crypto assets on the platform.

Liminal insists that the breach did not occur on its end. In a statement to Bitcoin News last week, the company explained that customers use its self-custody wallet infrastructure software, which gives customers full access to all wallets and funds at all times, making them the sole initiator of all transactions. Liminal emphasized that customers also receive a recovery and backup toolkit to ensure full access to their wallets, even if Liminal ceases to exist, a standard feature of all self-custody wallet products.

Meanwhile, Wazirx users are increasingly concerned about not being able to access their funds due to the ongoing withdrawal freeze. They are asking the exchange to stop blaming others and restore access to their funds.
