WazirX's systems not compromised in $230M hack, says Google report
What's the story
WazirX, a leading cryptocurrency exchange platform, has confirmed that its systems were not compromised during the recent $230 million cyberattack. This revelation follows a thorough forensic investigation conducted by Mandiant Solutions, a subsidiary of Google. The attack targeted one of WazirX's multisig wallets, resulting in the loss of nearly 45% of its holding assets last month.
Features
What are multisig wallets?
Multisig wallets, also known as multi-sig vaults or safes, use multiple private keys in order to access and transfer cryptocurrencies. This offers more security in comparison to single-signature transactions, because even if one private key is compromised, the hackers cannot access the funds without inputing the necessary signatures. WazirX's hacked wallet needed six signatories, of which five were of WazirX and one was from its infrastructure and custody partner Liminal.
Investigation outcome
WazirX receives 'clean chit' from Mandiant Solutions
Mandiant Solutions has given a "clean chit" to WazirX, stating that the exchange's systems were not compromised in the cyberattack. "All transactions from the multisig wallet required approval from three members of WazirX, followed by the final authorization from Liminal," explained WazirX.
Report findings
No evidence of compromise on transaction-signing laptops
The forensic report stated, "We did not identify evidence of compromise on the three laptops that were used for signing transactions." WazirX has suggested that the issue leading to the cyberattack may have originated from Liminal. A detailed report on this matter is expected soon. Despite the setback, WazirX remains committed to cooperating with investigating agencies and is actively working toward recovering the stolen funds.