In a twist of cosmic irony that would make even the most seasoned intergalactic hitchhiker raise an eyebrow, Safe, the illustrious creator of the SafeWallet multisignature product (used by Bybit, because why not?), has released a post-mortem update that reads like a poorly written sci-fi novel. The root cause of the recent Bybit hack? A compromised developer machine! Yes, folks, it seems that the universe has a sense of humor, and it’s laughing at us all.
According to the fine folks at Safe, their forensic review (which sounds suspiciously like a fancy term for “we looked at it and shrugged”) found no vulnerabilities in the Safe smart contracts or the code of their front-end portal. This is a relief, considering the $1.4 billion cybersecurity incident that has left many scratching their heads and wondering if they should have invested in a good old-fashioned piggy bank instead.
Martin Köppelmann, co-founder of the Gnosis blockchain network (which developed Safe, because why not have a network of Gnomes involved?), noted that the compromised machine was modified to target the Bybit Safe and divert transactions to a different hardware wallet. It’s like a magician pulling a rabbit out of a hat, except the rabbit is your life savings and the hat is a black hole.
“This update from Safe is not that great. It uses vague language to brush over the issues,” Zhao, the Binance co-founder, wrote in a Feb. 26 X post. He also asked for clarification on how the hackers managed to trick multiple signers into signing the transaction, which is a bit like asking how a cat manages to knock things off a table. It’s a mystery for the ages.
Köppelmann added that he could only speculate about how the hackers pushed the fraudulent transactions past multiple signers. It’s a bit like trying to guess how many jellybeans are in a jar—impossible and slightly maddening. He theorized that the hackers didn’t target other addresses to avoid detection, which is a clever strategy unless you’re the one getting hacked.
A forensic review conducted by Sygnia and Verichains revealed on Feb. 26 that “the credentials of a Safe developer were compromised […] which allowed the attacker to gain unauthorized access to the Safe(Wallet) infrastructure and totally deceive signers into approving a malicious transaction.” In layman’s terms, someone forgot to change their password from “password123.”
Lazarus Group launders funds stolen from Bybit hack
In a plot twist that could only be described as “too good to be true,” on-chain data shows that the Lazarus Group has transferred 45,900 Ether (ETH), valued at approximately $113 million during the last 24 hours. It’s like watching a magician make money disappear, except this time, it’s not coming back.
This brings the total amount of funds laundered to over 135,000 ETH, valued at roughly $335 million. If only they could launder my laundry as efficiently!
According to analyst EmberCN, the infamous hacking group will likely have “cleaned up” the funds within 8-10 days. It’s like a spring cleaning, but for stolen money.
Bybit and blockchain analytics firm Elliptic have tracked the stolen crypto to over 11,000 wallets controlled by the Lazarus Group. It’s a bit like trying to find a needle in a haystack, except the haystack is on fire and the needle is a million-dollar bill.
Elliptic also published a data feed of addresses associated with the infamous hacker group to help market participants stay clear of those wallet addresses. Because nothing says “trustworthy” like a list of known criminals!
Read More
- OM PREDICTION. OM cryptocurrency
- CRV PREDICTION. CRV cryptocurrency
- EUR JPY PREDICTION
- DF PREDICTION. DF cryptocurrency
- KSM PREDICTION. KSM cryptocurrency
- Doctor Strange’s Shocking Return in Marvel’s Avengers: Doomsday Revealed!
- USD MXN PREDICTION
- USD VES PREDICTION
- How to watch A Complete Unknown – is it streaming?
- XDC PREDICTION. XDC cryptocurrency
2025-02-27 00:01