コインチェーン

仮想通貨・Web3ニュース・投資・教育情報

WazirX, Liminal Custody Blame Each Other as $230M Crypto Exploit Leaves Customers Stranded

Jul 23, 2024 #仮想通貨
WazirX, Liminal Custody Blame Each Other as 0M Crypto Exploit Leaves Customers Stranded

A $230 million exploit involving WazirX and Liminal Custody leaves users stranded, with both companies blaming each other for the incident.

Points

  • $230 million exploit involving WazirX and Liminal Custody.
  • Both companies blame each other for the breach.
  • Multisig wallet discrepancy cited as the cause.
  • Over 45% of WazirX’s holdings affected.

WazirX and Liminal Custody find themselves at the center of a $230 million exploit, leaving users in limbo as both firms point fingers at each other. The incident involved a multisig wallet using Liminal’s digital asset custody service, which WazirX claims was compromised due to a “discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents.”

Liminal, however, denies any breach in its infrastructure. According to a blog post from Liminal, “There is no breach in Liminal’s infrastructure, wallets, and assets. Unfortunately, three of the victims’ machines have been found injecting malicious payloads into the transaction, indicating a sophisticated, well-planned, and targeted attack on one specific Gnosis Smart Contract Multi-Sig wallet.”

The fallout from the exploit is significant, as it accounts for more than 45% of WazirX’s $500 million holdings, according to a June transparency report. Crypto security firm Elliptic suggests that North Korean hackers may be behind the attack. WazirX has filed a police report and is working with the Indian Computer Emergency Response Team (CERT-In) to investigate the incident further.

Despite Liminal’s insistence on the safety of its infrastructure, the damage to user trust and the significant financial loss have left both companies in a precarious position. Users are now uncertain about the security of their funds and the future of their investments on the platform.

解説

  • Multisig Wallets: Multisig (multiple-signature) wallets require multiple parties to approve a transaction before it can be executed. This added layer of security is designed to prevent unauthorized access, but it also introduces complexity that can be exploited if vulnerabilities exist.
  • Cybersecurity Threats: The involvement of sophisticated attackers, potentially linked to North Korea, underscores the ongoing threat of cyberattacks in the cryptocurrency industry. Robust security measures and continuous monitoring are essential to safeguard digital assets.
  • Impact on User Trust: Incidents like the WazirX-Liminal exploit can severely impact user trust in cryptocurrency exchanges and custody services. Transparency, prompt action, and effective communication are critical to managing such crises and maintaining user confidence.
  • Regulatory Response: The involvement of national cybersecurity agencies, like CERT-In, highlights the importance of regulatory oversight and collaboration in addressing and mitigating the effects of major security breaches in the crypto space.