{"id":15229,"date":"2025-02-27T00:01:45","date_gmt":"2025-02-27T00:01:45","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=15229"},"modified":"2025-02-27T00:01:45","modified_gmt":"2025-02-27T00:01:45","slug":"bybit-and-safe-custody-are-at-odds-on-whos-to-blame-for-1-5b-hack","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=15229","title":{"rendered":"Bybit and Safe Custody Are at Odds on Who&#8217;s to Blame for $1.5B Hack"},"content":{"rendered":"<div>\n<p>Cryptocurrency exchange Bybit has <a href=\"https:\/\/www.newswire.ca\/news-releases\/bybit-confirms-security-integrity-amid-safe-wallet-incident-no-compromise-in-infrastructure-838573160.html\" target=\"_blank\">published a forensic review<\/a> on last week&#8217;s $1.5 billion hack, revealing that its systems had not been infiltrated and that the issue seemed to have stemmed from compromised Safe wallet infrastructure. <\/p>\n<p>Bybit concluded from the review that &#8220;the credentials of a Safe developer were compromised,&#8221; which allowed the Lazarus hacking group to gain unauthorized access to the Safe wallet and subsequently deceive Bybit staff into signing the malicious transaction.<\/p>\n<p>However, a person familiar with the matter told CoinDesk that despite the wallet&#8217;s infrastructure being compromised by social engineering, the hack would not have been possible had Bybit not &#8220;blind signed&#8221; the transaction. The term refers to a mechanism where a smart contract transaction is approved without comprehensive knowledge of its contents.<\/p>\n<p>Safe also <a href=\"https:\/\/x.com\/safe\/status\/1894768522720350673\" target=\"_blank\">issued a statement<\/a> saying that &#8220;Safe smart contracts [were] unaffected, an attack was conducted by compromising a Safe {Wallet} developer machine which affected an account operated by Bybit.&#8221; It also pointed out that a &#8220;forensic review of external security researchers did NOT indicate any vulnerabilities in the Safe smart contracts or source code of the frontend and services.&#8221;<\/p>\n<p>The apparent back and forth between both companies mirrors that of WazirX and Liminal Custody, which <a href=\"https:\/\/www.coindesk.com\/business\/2024\/07\/19\/wazirx-liminal-custody-blame-each-other-as-230m-crypto-exploit-leaves-customers-stranded\" target=\"_blank\">blamed each other <\/a>following a $230 million exploit last July.<\/p>\n<p>On-chain data analyzed by ZachXBT shows that Lazarus is <a href=\"https:\/\/x.com\/zachxbt\/status\/1893406750159548662\" target=\"_blank\">attempting to launder<\/a> the stolen funds, with 920 wallets currently being tainted with the ill-gotten gains. The funds, perhaps inadvertently, have been commingled with stolen funds from hacks targeting Phemex and Poloniex, linking Lazarus Group to all three.<br \/>\nRead more: <a href=\"https:\/\/www.coindesk.com\/markets\/2025\/02\/25\/bybit-declares-war-on-lazarus-as-it-crowdsources-effort-to-freeze-stolen-funds\" target=\"_blank\">Bybit Declares \u2018War on Lazarus\u2019 as It Crowdsources Effort to Freeze Stolen Funds<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cryptocurrency exchange Bybit has published a forensic review on last week&#8217;s $1.5 billion hack, revealing that its systems had not been infiltrated and that the issue seemed to have stemmed from compromised Safe wallet infrastructure. Bybit concluded from the review that &#8220;the credentials of a Safe developer were compromised,&#8221; which allowed the Lazarus hacking group [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-15229","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/15229","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15229"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/15229\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15229"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15229"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15229"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}