Table of Contents
We understand the immense concern the recent cyber attack has caused. We are committed to full transparency and want to provide you with a comprehensive update on our findings, the ongoing forensic analysis, and the steps we are taking to secure user assets. We hope this note sparks a meaningful discussion on how centralized exchanges can further enhance the security of digital assets. By sharing our findings and learnings, we aim to contribute to the broader effort of strengthening the entire crypto ecosystem. Together, we can develop more robust security measures to better protect our community and assets against future cyber attacks.
We have refrained from giving a knee-jerk reaction to the incident and have initiated a thorough forensic analysis to uncover the full details of the cyber attack. Once the forensic report is complete, we will share conclusive evidence with the community.
Our preliminary findings have not found any evidence that WazirX signers’ machines were compromised.
Multi-Signature Wallet Structure
To provide context, it’s important to understand our wallet structure:
- The affected multisig wallet had six signatories: five managed by WazirX and one by Liminal.
- Liminal’s wallet is said to be protected by additional infrastructure, including a firewall – which involves policy checks like destination whitelisting – specifically designed to prevent incorrect or malicious transfers by other signers.
- Transactions through Liminal’s infrastructure require signatures from 3 WazirX signers followed by a fourth and final signature from Liminal. The Liminal signer is the last line of defense which checks and verifies if a transaction is correct and authentic before signing.
In this cyber attack, the malicious transactions went through because signatures from three WazirX signers and one from Liminal were obtained, confirming the use of Liminal’s infrastructure.
Signing Process and Security Precautions
We want to explain the procedures and precautions that WazirX takes while handling the signature process from our end:
- The three WazirX devices that signed the malicious transactions were all at three different locations with three different internet connections.
- All three signers used their respective hardware wallets to sign the transactions.
- Two of the three signers used devices primarily dedicated to signing such transactions, while one signer used their work device.
- Each signer accessed the Liminal website through a bookmarked link or Chrome shortcut app saved in their browser to prevent phishing attempts.
- The Liminal website mandatorily requires two-factor authentication (2FA) for access after Google login.
Detailed Signing Process
- Login to Liminal Website: Signers use bookmarked links or Chrome shortcut app and 2FA to access the Liminal platform securely. To ensure there is no phishing, each signer uses a bookmarked link that is already saved on the browser. The Liminal website has 2FA enabled for an additional layer of security.
- Transaction Initiation: A new transaction is initiated through the Liminal website by choosing the asset (an ERC20 token) and the destination wallet address. The destination wallet address was already previously added to the whitelisted address book on Liminal. The process of address whitelisting ensures that only transactions to the whitelisted address are permitted and Liminal’s policy will not allow withdrawals to any non-whitelisted addresses.
Note on ERC20 Transactions
In Ethereum, when signing an ERC20 transaction, the hardware device involved in signing does not display the token or the destination address. This blind signing is a standard procedure for anyone using such a multisig wallet on Ethereum. To ensure that the WazirX signers knew what they were signing, they relied on the transfer details displayed on the Liminal website, which shows the token being signed and the destination address.
An important observation is that when connecting a hardware wallet to a website, the wallet doesn’t ask to confirm the connection if it’s been previously connected. However, it does ask for confirmation if it is connected to new website and also before each signing action. Moreover, we also checked the browser history and verified that the URL we accessed was indeed the correct one. If there had been a malicious phishing website, the hardware device would have requested a new connection. In this case, no such request was made, supporting our understanding that the website used for the transaction was indeed the legitimate Liminal website.
Preliminary Findings
- We have been unable to find any evidence that WazirX signers’ machines were compromised.
- The attack involved the flow of transactions through Liminal infrastructure, as evidenced by the use of 3 WazirX signatures and 1 Liminal signature.
- The malicious transaction was not sent to any of the destination addresses in the whitelisted addresses, which should have been prevented by Liminal’s firewall and whitelist policy.
Important to Note
Contrary to some reports on social media, WazirX did not sign any malicious transactions 8 days before the attack. The attacker had created smart contracts on July 10, 2024, but these had no interaction with the WazirX wallet until July 18, 2024.
The malicious transaction which was approved by the relevant signatories, seemed to have upgraded the contract to transfer the control to the attacker. We have representations from Liminal that their interface does not allow initiating contract upgrade from its interface. It is pertinent to state here that the Central Bureau of Investigation (CBI), India’s premier investigative agency, has entrusted Liminal Custody Solutions with the secured non-custodial storage of digital assets seized during investigations which may also be based upon such representations by Liminal.
It’s also important to note that the multisig wallet transactions and execution of transactions over Liminal are completely outside WazirX’s servers and infrastructure, and there was no breach whatsoever on the WazirX infrastructure or servers.
Based on our preliminary analysis, we believe one of the following scenarios may have occurred:
Scenario 1: All three WazirX signers received malicious transactions directly from Liminal due to a potential breach of the Liminal infrastructure. This potential scenario is supported by:
- No new connection request was made to the hardware wallets
- The request came from a whitelisted address as seen by the WazirX signers on the Liminal interface.
- All the signers saw the expected token name (USDT and GALA) and destination address on the Liminal interface as well as received email notifications
Scenario 2: All three WazirX signers were compromised by malware on three devices by some means by the attackers. While we have not found any preliminary evidence suggesting the malware, we have initiated the forensic test and will update you on the findings in the upcoming days. It’s important to note that for this scenario to be possible, the attacker would also need to breach Liminal’s infrastructure and firewall to obtain the fourth and final signature to be able to execute and publish a transaction on the blockchain.
Given our preliminary analysis showing no evidence of tampering or malicious malware on our systems, we currently believe Scenario 1 is the more likely cause of this attack. However, we await conclusive forensic results before making a final determination.
We are also waiting for detailed analysis and findings from Liminal to understand how their security measures may have been bypassed. We want to emphasize that our goal is not to assign blame but to understand the full scope of the attack so we can prevent similar incidents in the future and best serve our affected users.
Sophisticated Nature of the Attack
Several security analysts and experts have been suggesting that this cyber attack bears the markings of the infamous Lazarus Group, known for its highly sophisticated and advanced methods. The Lazarus Group has a history of executing complex cyber-attacks through a combination of social engineering, custom malware, and zero-day exploits that bypass robust security measures. For example:
- Cyber attack on one of the leading international multimedia and entertainment studios, releasing confidential data and causing significant financial and reputational damage
- Breaching a bank’s network using the stolen credentials of a SWIFT operator and installing six types of malware
- Targeting several popular crypto exchanges across South Korea, Japan, and the globe by using sophisticated malware and spear phishing techniques resulting in the theft of over $600 million in various tokens
- Attacking an Indian bank, siphoning off nearly $13.5 million through simultaneous withdrawals across 28 countries
We are working closely with cybersecurity experts and law enforcement agencies to investigate any potential links to known threat actors. As our investigation progresses, we may share status updates on the same with our community while ensuring we do not compromise the integrity of the ongoing investigation, as these are highly confidential.
Impact and Clarifications
- Approximately 45% (as per our preliminary workings) of crypto assets were affected by this cyber attack.
- INR funds were not affected in this attack.
- The WazirX platform itself was not breached.
Key Insight: The Evolving Landscape of Multisig Ethereum Wallet Security
Throughout our investigation of this incident, we’ve gained valuable insights into the complexities of securing multisig Ethereum wallets. We want to share our learnings that can contribute to advancing security practices across the entire crypto ecosystem:
The crypto industry continues to face significant security challenges, with multisig wallets and complex smart contract interactions being areas of particular concern. When signing ERC20 transactions, hardware wallets often don’t display the token or destination address. Blind signing occurs when a hardware wallet does not fully show the details of the transaction you are about to confirm, such as the destination address and the specifics of the tokens being transferred. This “blind signing” is a known limitation in many setups where signers must rely on the information shown on their custody provider’s interface, implicitly trusting what they see on the screen. If a custody provider’s infrastructure is compromised, there’s a theoretical risk that displayed transaction information could be manipulated, even with robust security measures in place.
This vulnerability isn’t unique to WazirX – it’s an ongoing challenge in Ethereum multisig transactions. The recent Ledger supply chain attack (December 14, 2023) highlighted this issue, leading Ledger to announce plans to disable blind signing for EVM dApps by default. Following this, Ledger also announced plans to disable blind signing for EVM dApps in December 2023.
From our end, to mitigate risks associated with blind signing, we followed best practices recommended by hardware wallet providers (Ledger), including:
- Verifying the URL of the website we’re interacting with.
- Ensuring we’re transacting with a reputable platform.
- Using hardware wallets to keep private keys offline.
- Implementing multi-factor authentication and geographically distributed signers.
- Utilizing bookmarked links to prevent phishing attempts.
The crypto community has always thrived on collaboration and shared knowledge. We want to share this insight to contribute to the collective knowledge that can make our industry safer for everyone. By working together, we can create a more secure environment for all crypto users.
This spirit of collaboration is our greatest strength. It’s not just about protecting individual platforms – it’s about safeguarding the future of decentralized finance and the trust of millions of users worldwide.
Thank you for your continued patience and support. We are committed to transparency and will keep you informed as we navigate this challenge and work towards a more secure future for all our users.
Disclaimer: Cryptocurrency is not a legal tender and is currently unregulated. Kindly ensure that you undertake sufficient risk assessment when trading cryptocurrencies as they are often subject to high price volatility. The information provided in this section doesn't represent any investment advice or WazirX's official position. WazirX reserves the right in its sole discretion to amend or change this blog post at any time and for any reasons without prior notice.