Mandiant Report Clears WazirX: Users Demand Full Disclosure

In response to mounting community pressure and a call for more transparency regarding the hack, WazirX finally shared an update on a third-party investigation they had commissioned. The cryptocurrency exchange announced that Madiant Solutions, a cybersecurity firm owned by Google, cleared them of any fault in the massive cyberattack that resulted in the loss of over $230 million (₹2,000 crore) from one of their Multisig wallets. 

WazirX brought in Mandiant to thoroughly investigate and see if any of the laptops used by their team during the transaction process had been compromised. According to the report, submitted on August 14, there was no sign of any issues with the three laptops used. The logical conclusion of this report seems to be that the hack may have stemmed from Liminal Custody, the company responsible for managing the wallet.

WazirX founder responds

Reacting to the Mandiant report, WazirX founder Nischal Shetty reinforced his initial belief that WazirX was not at fault for the hack. Moreover, Shetty firmly expressed his concerns on Liminal Custody for initially blaming WazirX without any substantial proof when the hack occurred. He mentioned that WazirX took the initiative to involve one of the top forensic teams and a neutral third party to ensure a thorough investigation. 

He also raised some questions for Liminal, such as how the attack was carried out, and why Liminal’s systems/processes failed to catch the malicious transaction, which seemed to be Liminal’s only job as custodians. Shetty stressed that WazirX follows industry best practices and that the Mandiant report should remove any lingering doubts about the exchange’s integrity. 

Community Reaction

Even though WazirX tried to bring more transparency through the release of the third-party report, the community’s response has been mixed. While some were relieved, others remained skeptical of how WazirX managed the situation. Critics still raised questions on WazirX’s decision to keep 45% of user funds in a single cold wallet, a move viewed as a major security risk by most international exchanges. They also wondered why WazirX’s three signees failed to catch the malicious transaction, even though their laptops were cleared. 

Many victims of the hack feel that their trust was placed in WazirX, not Liminal, and believe that WazirX should be held responsible for the breach. The community is calling for even more transparency, demanding detailed information on the stolen and remaining crypto assets. There are also lingering questions as to why the exchange has not opened its withdrawals more than a month after the hack. As users continue to wait for their funds to be restored, frustration is certainly growing, and they are urging WazirX to speed up the process.

After the update by WazirX, the ball now appears to be in Liminal Custody’s court. Notably, Liminal has remained silent since shortly after the hack, when they blamed WazirX for the breach. Interestingly, the connection between WazirX founder Nischal Shetty and Liminal founder Mahin Gupta, who is also an investor and advisor in Pi42, another venture linked to Shetty, has fueled suspicions of insider involvement in the hack. Now, the pressure is on Liminal Custody to provide answers and clarity on their role in this devastating incident.

Also Read: WazirX Users Outcry on Scheduled Maintenance Post $234M Hack

Source: https://www.cryptonewsz.com/mandiant-report-wazirx-users-demand-disclosure/