Hours after WazirX cryptocurrency exchange released a statement blaming their erstwhile security partner Liminal Custody for breach resulting in Rs 2000 crore cyber hack, Liminal has hit back at the exchange, questioning their overall security infrastructure and operations.
An official spokesperson of Liminal Custody- a digital assets security firm said they cannot comment on the authenticity of a forensic audit conducted by WazirX and rather questioned the the network infrastructure and operations of the exchange.
We cannot comment on the statement put out by WazirX, due to the lack of any information on the scope and methodology of the audit they have conducted. Having said that, if one were to go by the information
they’ve shared, this actually raises serious questions on the security of their network infrastructure, operational custody controls and overall security posture, given that they were the custodians for 5 of the 6 keys,” read a statement from Liminal Custody.
WazirX on Monday had claimed that a third party forensic audit was conducted regarding the July 18 WazirX hack and the reports had allegedly found no instance of breach from WazirX’s end. The exchange had also claimed that the audit report conducted by Mandiant suggested that the security breach might have happened on the Liminal’s end.
Post the July 18 hacking incident where Rs 2000 crore worth of investors were stolen from a single multi-signature digital wallet of WazirX, the two companies have fallen off and engaged in bitter verbal duels.
Liminal further maintained that their internal audit revealed no such breach from their user -interface (UI) or front end. They have also invited Mandiant and hence WazirX to conduct an impartial investigation on Liminal’s gadgets active during the July 18 hacking incident.
As far as our front-end and UI is concerned, our preliminary audit reports categorically indicate no breach in our front-end or UI. Please note that we have empanelled more than one reputed independent auditors to conduct forensic analysis and our detailed reports are expected to arrive within this week. We are confident that the Liminal front-end and UI were not compromised and the report and findings will be shared as soon as they are made available to us. In the interest of absolute transparency at our end, we are open to empanelling additional auditors, including the likes of Mandiant to conduct the UI audit as well,” read the statement from Liminal.
Right after WazirX released a statement on social media regarding their forensic audit, its co-founder Nischal Shetty took to ‘X’ to pose questions to Liminal Custody- a firm they were in business with, hardly a month ago.
The blame game between WazirX and Liminal Custody continues even as thousands of investors of the exchange have been anxiously awaiting their funds to be unlocked for withdrawal process. According to an estimate, over 4000 crore of investor funds were available till July 18 morning and the cyber attack resulted in loss of 45% funds. The remaining 55% customer funds were locked immediately by the exchange to deter any further withdrawals; the status quo has remained till date.
Also Read: WazirX blames Liminal for Hack, Investors say we trusted WazirX not Liminal