Outside Source
The $1.4 billion hack was caused by similar attack vectors as the $230 million WazirX hack and the $58 million Radiant Capital hack, according to Cyvers.
News
Cryptocurrency exchange Bybit has suffered the largest hack in crypto history, losing more than $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH) and other ERC-20 tokens.
The attack highlights that even centralized exchanges with strong security measures remain vulnerable to sophisticated cyberattacks, analysts say.
Blockchain security analysts, including Arkham Intelligence and onchain sleuth ZachXBT, have linked the attack to Lazarus Group, a North Korean-backed hacker organization.
Arkham has launched a bounty program offering 50,000 Arkham (ARKM) tokens worth around $31,500 to identify the individual or organization responsible for the breach.
“This incident is another stark reminder that even the strongest security measures can be undone by human error,” Lucien Bourdon, an analyst at Trezor, told Cointelegraph.
Bourdon explained that attackers used a sophisticated social engineering technique, deceiving signers into approving a malicious transaction that drained crypto from one of Bybit’s cold wallets.
The Bybit hack is more than twice the size of the $600 million Poly Network hack in August 2021, making it the largest crypto exchange breach to date.
Related: Phemex halts withdrawals amid $29M of ‘suspicious’ outflows
Bybit hack linked to blind signing exploit
According to Meir Dolev, co-founder and chief technical officer at Cyvers, the attack shares similarities with the $230 million WazirX hack and the $58 million Radiant Capital hack. Dolev said the Ethereum multisig cold wallet was compromised through a deceptive transaction, tricking signers into unknowingly approving a malicious smart contract logic change.
“It seems that Bybit’s ETH multisig cold wallet was compromised through a deceptive transaction that tricked signers into unknowingly approving a malicious smart contract logic change.”
This allowed the hacker to gain control of the cold wallet and transfer all ETH to an unknown address,” Dolev told Cointelegraph.
Related: 3 crypto predictions going into 2025: SOL ETFs, AI trading, new threats
The $1.4 billion hack comes as a significant blow to the cryptocurrency industry, especially as it represents nearly half of the $2.3 billion stolen in crypto-related hacks in 2024
Crypto security firms like Cyvers are working on pre-emptive measures to combat future attacks.
An emerging solution, known as offchain transaction validation, could prevent 99% of all crypto hacks and scams by preemptively simulating and validating blockchain transactions in an offchain environment, Michael Pearl, vice president of GTM strategy at Cyvers, told Cointelegraph.
Magazine: Trump’s crypto ventures raise conflict of interest, insider trading questions
This article first appeared at Cointelegraph.com News
