{"id":15394,"date":"2025-02-27T20:17:12","date_gmt":"2025-02-27T20:17:12","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=15394"},"modified":"2025-02-27T20:17:12","modified_gmt":"2025-02-27T20:17:12","slug":"cz-criticizes-safe-wallets-post-mortem-on-bybit-hack","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=15394","title":{"rendered":"CZ Criticizes Safe Wallet\u2019s Post-Mortem on Bybit Hack"},"content":{"rendered":"
\n

Former Binance CEO Changpeng Zhao (CZ) has criticized Safe Wallet\u2019s post-mortem update on the Bybit hack, calling it \u201cnot that great\u201d and raising concerns about how attackers tricked multiple signers.<\/p>\n

His comments follow an audit report stating that the breach resulted from a compromise of Safe\u2019s infrastructure rather than the exchange\u2019s systems.<\/p>\n

Safe\u2019s Response<\/h2>\n

Forensic investigations found that compromised Safe Wallet credentials led to the nearly $1.5 billion Bybit exploit<\/a>. In a statement on X on Wednesday, the crypto wallet provider confirmed the findings, stating that the hack stemmed from a \u201ccompromised Safe Wallet developer machine.\u201d<\/p>\n

The company highlighted<\/a> that the reports did not identify vulnerabilities in its smart contracts or front-end source code. It also announced that it had fully rebuilt and reconfigured its infrastructure and changed all credentials, ensuring the attack vector was \u201cfully eliminated.\u201d<\/p>\n

However, CZ criticized<\/a> the statement, saying:<\/p>\n

\n

\u201cThis update from Safe is not that great. It uses vague language to brush over the issues. I have more questions than answers after reading it.\u201d<\/p>\n<\/blockquote>\n

He questioned what \u201ccompromising a Safe {Wallet} developer machine\u201d meant and how the attack happened, asking whether social engineering or a virus was involved. He also inquired how the developer machine had access to an account operated by Bybit and whether the code was deployed directly to production.<\/p>\n

Further concerns were raised about how the attackers bypassed Ledger verification, whether blind signing was involved, or if signers failed to verify properly.<\/p>\n

The Report and Updates<\/h2>\n

On February 26, Bybit released<\/a> a forensic audit conducted by Sygnia and Verichains about the attack. The audit revealed that Safe developer\u2019s credentials had been compromised, giving hackers access to the wallet\u2019s infrastructure, which led to signers being deceived into approving a malicious transaction.<\/p>\n

According to the report, the exploit was carried out using \u201cmalicious JavaScript code\u201d that had been injected into Safe\u2019s Amazon Web Services system two days earlier. The script activated only when transactions came from specific contract addresses, including Bybit\u2019s multi-sig contract and another address suspected to belong to the criminal.<\/p>\n

Just two minutes after the hack, the attackers removed the malicious code from Safe\u2019s system and disappeared. Forensic experts and the company have also confirmed that Bybit\u2019s infrastructure was not compromised.<\/p>\n

Since the incident, Bybit has borrowed<\/a> 40,000 ETH from Bitget to meet withdrawal demands, which have since been repaid. The firm has also restored<\/a> its reserves through loans, asset purchases, and whale deposits, securing 446,870 ETH valued at $1.23 billion. CEO Ben Zhou confirmed<\/a> that the exchange now has 100% backing for client assets.<\/p>\n

The post CZ Criticizes Safe Wallet\u2019s Post-Mortem on Bybit Hack<\/a> appeared first on CryptoPotato<\/a>.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Former Binance CEO Changpeng Zhao (CZ) has criticized Safe Wallet\u2019s post-mortem update on the Bybit hack, calling it \u201cnot that great\u201d and raising concerns about how attackers tricked multiple signers. His comments follow an audit report stating that the breach resulted from a compromise of Safe\u2019s infrastructure rather than the exchange\u2019s systems. Safe\u2019s Response Forensic […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-15394","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/15394","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15394"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/15394\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}