WazirX releases preliminary investigation results on the cyber attack: the attack was an act of force majeure, but efforts are being made to trace and recover the funds
ChainCatcher news, the encrypted exchange WazirX has released preliminary investigation results of a cyber attack on the X platform, stating that one of its multi-signature wallets has been compromised, resulting in a loss of over $230 million.Since February 2023, this wallet has been operating using Liminal's digital asset custody and wallet infrastructure services. Regarding the wallet configuration and attack mechanism, the wallet has six signers—five from the WazirX team and one from Liminal, who are responsible for transaction verification. A transaction typically requires the approval of three WazirX signers (all of whom use Ledger hardware wallets to ensure security) before being finally approved by Liminal's signer. To enhance security, WazirX has also implemented a policy of whitelisting destination addresses. These whitelisted addresses are marked and set up by Liminal on the interface, allowing the WazirX team to initiate transactions to these whitelisted addresses. Regarding the nature of the cyber attack, it stemmed from a discrepancy between the data displayed on the Liminal interface and the actual transaction content. At the time of the attack, the information shown on the Liminal interface did not match the content that was actually signed, leading to suspicions that the attacker replaced the payload to take control of the wallet.WazirX stated: "This is an act of God that we cannot control, but we are doing everything possible to trace and recover the funds. We have blocked several deposits and contacted the relevant wallets for recovery. We are working with the best resources to help us accomplish this task. While this is the result of our preliminary investigation, we will continue to provide further updates."