New Delhi, Aug 19
Digital assets security firm Liminal Custody on Monday hit back at the WazirX cryptocurrency exchange, raising 'serious questions' on the Nischal Shetty-run platform which lost a massive Rs 2,000 crore worth digital assets in a recent data breach.
WazirX claimed that a third-party forensic audit was conducted with Google's subsidiary Mandiant. While a detailed report is forthcoming, "the findings largely indicate that the issue leading to the cyberattack originated from Liminal", claimed the crypto exchange.
Liminal Custody, the erstwhile security partner of WazirX, hit back, saying they cannot comment on the statement put out by WazirX, "due to the lack of any information on the scope and methodology of the audit they have conducted".
"Having said that, if one were to go by the information they've shared, this actually raises serious questions on the security of their network infrastructure, operational custody controls and overall security posture, given that they were the custodians for 5 of the 6 keys," the Liminal Custody statement read.
Liminal maintained that as far as their front-end and UI (user interface) is concerned, "our preliminary audit reports categorically indicate no breach in our front-end or UI".
"We have empanelled more than one reputed independent auditors to conduct forensic analysis and our detailed reports are expected to arrive within this week," said the security firm.
"We are open to empanelling additional auditors, including the likes of Mandiant to conduct the UI audit as well," Liminal added.
Earlier in the day, WazirX said they have received a clean chit from Mandiant Solutions, a Google subsidiary.
WazirX engaged the cybersecurity firm to conduct a forensic analysis. Mandiant submitted a report stating, "We did not identify evidence of compromise on the three laptops that were used for signing transactions."
According to the crypto exchange, the wallet that was attacked was managed using Liminal's digital asset custody and wallet infrastructure.