Bybit Hack Caused By Malicious Code In Safe Wallet’s Infrastructure: Report
Highlights
- Bybit’s initial investigation into its hack points to a vulnerability from Safe Wallet.
- The report says Bybit infrastructure remains uncompromised in the wake of the attack.
- Concerted efforts are underway to recover stolen assets from the North Korean hacking syndicate.
Early reports point to a third-party vulnerability as Bybit tries to find the remote and immediate causes of its security breach. While the interim investigation has absolved the exchange of blame, experts say the hack may be mitigated with watertight guardrails.
Safe Wallet Vulnerability Triggered Bybit Hack
As Bybit reels from its jarring $1.5 billion hack, the company enlisted Web 3 security outfit Verichains and Sygnia Labs to investigate the breach. Company CEO Ben Zhou took to X to share the results of the interim investigation report, pointing to Safe Wallet as the source of the Bybit hack.
Per the document, the root cause of the Bybit hack stems from malicious code in the wallet’s infrastructure. Bad actors replaced the original JavaScript file of app.safe.global with compromised code to target Bybit’s Ethereum Multisig Cold Wallet.
Preliminary investigations say the attack on the top exchange was scheduled to hit during the next Bybit transaction. Both Verichains and Sygnia Labs’ analysts say Safe Global AWS S3 and CloudFront accounts were likely targets for hackers.
The report cites Wayback Archives as proof of a “cached malicious file” given Google Search’s integrations of the service. Safe Wallet’s official statement also confirms the origin of the breach, pointing to a compromised Safe developer machine.
“Bybit remains steadfast in our commitment to security and transparency,” said Zhou. “The preliminary forensic review finds that our system was not compromised.”
A Concerted Effort Underway To Recover Funds And Protect Customers
In the hours following the attack, Bybit transferred the funds from its Safe Wallet to limit its damage. The exchange has frozen $42 million worth of stolen funds from attackers in a collaborative effort by industry players.
Zhou has announced a bounty hunt designed to stifle the Lazarus Group’s ability to cash out from the attack. A positive development confirms that the firm has acquired 100% of Ethereum lost in the hack via a raft of loans and OTC deals from industry giants like Galaxy Digital and Wintermute.