News

WazirX, Liminal Custody Blame Each Other as $230M Crypto Exploit Leaves Customers Stranded

  • Liminal Custody said three WazirX wallets were breached in the lead-up to the $230 million exploit.
  • WazirX said that a discrepancy on Liminal's interface triggered the loss. If filed a police report today.
  • Security firm Elliptic said on Thursday that North Korean hackers appear to be behind the hack.

WazirX and Liminal Custody, the two firms at the center of yesterday's $230 million exploit , are blaming each other for the success of the attack, leaving users in the dark over the security of their funds.

In a post on X , Indian crypto exchange WazirX said the exploit was related to a multisig wallet using Liminal's digital asset custody service. The attack stemmed from a "discrepancy between the data displayed on Liminal's interface and the transaction's actual contents," it said.

Liminal, for its part, said its infrastructure had not been breached and that all wallets – including WazirX's – remain safe. A multisig wallet is one that requires several people to sign a transaction before it can be executed.

"There is no breach in Liminal’s infrastructure, wallets and assets," Liminal said in a blog post . "Unfortunately three of the victims machines have been found injecting malicious payloads into the transaction indicating a sophisticated, well planned and targeted attack on one specific Gnosis Smart Contract Multi-Sig wallet."

The exchange filed a police report and engaged with the Indian Computer Emergency Response Team (CERT-In) earlier today. The stolen funds account for more than 45% of its $500 million holdings, according to a transparency report from June. Crypto security firm Elliptic said that North Korean hackers appear to be behind the exploit.

Liminal did not respond to a request for comment.