Indian cryptocurrency exchange WazirX has revealed that cybersecurity firm Mandiant, a subsidiary of Google, has confirmed that the laptops used by the WazirX team were not compromised during the recent $230 million cyberattack. The exchange now shifts its focus to the wallet infrastructure managed by custodian Liminal, sharing the investigation’s results with law enforcement and other agencies to aid in recovering the stolen assets.
This development follows weeks of scrutiny after the theft of over Rs 2,000 crores ($230 million) from WazirX’s multisig wallets. Mandiant’s report, submitted on August 14, found no evidence of compromise on the three laptops used for signing transactions. WazirX emphasized that the investigation is now zeroing in on Liminal’s wallet infrastructure, with Mandiant confirming: “We did not identify evidence of compromise on the three laptops that were used for signing transactions.”
WazirX co-founder Nischal Shetty took to X to clarify that the exchange had enlisted Mandiant for a thorough forensic analysis of the laptops, prompted by Liminal’s allegations, made without substantiation, that WazirX’s hardware was to blame. Shetty stressed that Mandiant’s findings should dispel any doubts regarding WazirX’s involvement or negligence, affirming that the exchange adhered to industry best practices.
He also pointed out that WazirX is still awaiting answers from Liminal on crucial matters, including the breach’s cause and scope, potential insider involvement, discrepancies between the website’s displayed transaction and the actual payload, firewall anomalies, and the approval process for the malicious transaction. Shetty added, “We are also working on resolving the issues with INR and crypto assets on our platform.”
Liminal, for its part, has denied any fault on its side, stating that the breach did not occur within its infrastructure. In a recent statement, Liminal explained that its self-custody wallet infrastructure allows clients full access to their wallets and funds at all times, with recovery and backup kits provided as standard to ensure continued access even if Liminal ceases operations.
As users of WazirX face growing frustration over withdrawal freezes and limited access to their funds, many are calling for the exchange to stop attributing blame and focus on restoring access to their assets.