Bybit and Safe Custody Clash Over Responsibility for $1.5 Billion Hack

Bybit's forensic report absolves its security while implicating Safe wallet's vulnerabilities in a recent major breach.

Key Points:

  • Bybit’s forensic assessment indicates its systems were secure and the breach originated from vulnerabilities within the Safe wallet’s infrastructure.
  • Safe wallet asserts that external security experts found no flaws in its smart contracts or source code.
  • Stolen funds have been dispersed across numerous wallets, some of which were previously involved in hacks of Poloniex and Phemex.

Cryptocurrency exchange Bybit has published a forensic review of the recent $1.5 billion hack, concluding that its own systems were not compromised and attributing the breach to the Safe wallet’s compromised infrastructure.

Bybit determined that “the credentials of a Safe developer were compromised,” enabling the Lazarus hacking group to gain unauthorized access to the Safe wallet and mislead Bybit staff into authorizing the harmful transaction.

However, a source informed CoinDesk that while the vulnerability of the wallet stemmed from social engineering, the hack would not have been feasible if Bybit had not “blind signed” the transaction, that is, approved it without full awareness of its details.

Furthermore, Safe issued a statement clarifying that “Safe smart contracts [were] unaffected, an attack was conducted by compromising a Safe wallet developer machine which affected an account operated by Bybit.” They highlighted that “a forensic review by external security researchers did NOT indicate any vulnerabilities in the Safe smart contracts or source code of the frontend and services.”

This back-and-forth mirrors a similar dispute between WazirX and Liminal Custody, which blamed one another following a $230 million hack last July.

On-chain data analyzed by ZachXBT reveals that Lazarus is laundering the stolen assets, with 920 wallets identified as potentially linked to the illicit funds. Interestingly, these funds have been entwined with stolen assets from previous hacks at Phemex and Poloniex, connecting Lazarus Group to all three incidents.
