Bybit hack: ‘Reckoning’ that led SafeWallet to rearchitect its systems

4 hours ago

In February, the cryptocurrency ecosystem stood on the precipice of calamity. Hackers stole $1.5 billion of Ether from crypto exchange Bybit, the largest theft the industry had ever seen.

Fears of a contagion-driven market collapse were alleviated by an industry-wide effort to plug the gap at Bybit, and within hours, the exchange regained control of the situation.

The post-mortem revealed that Bybit’s regular transfer of Ether (ETH) between wallets had been captured by hackers. The attackers, believed to be North Korean Lazarus Group hackers, compromised a SafeWallet developer machine, injecting malicious JavaScript into the user interface, which tricked Bybit’s multisignature process into approving a malicious smart contract.

The incident was a wake-up call for the entire cryptocurrency industry, given that many exchanges and companies rely on the infrastructure and services of players like Safe. Even though Safe is a self-custodial wallet service, the incident proved that sophisticated social engineering or compromised physical hardware remains a threat to the entire industry.

Safe CEO Rahul Rumalla joined Cointelegraph’s Chain Reaction live show to reflect on the learnings and systemic changes necessitated by the Bybit incident and the ever-present, ever-changing threats from cybercriminals.

Self-custody is fragmented

As Rumalla explained, a Safe developer workstation had been compromised, which gave hackers an entry point to stage an attack that could manipulate the website code.

The Safe CEO said that the situation “was a reckoning moment” that forced the team to completely reorganize its security and infrastructure. It also drew attention to industry-standard practices that may not be entirely fit for purpose.

“A lot of people actually are subjected to the concept of blind signing. You really don’t know what you’re signing, be it your signing device or your hardware devices. And that starts with education, that starts with awareness, that starts with standards,” Rumalla said.

“Ultimately, in the world of self-custody, the current key design of this is shared responsibility of security. It’s fragmented. And this is what we started re-architecting.”

Rumalla added that while Safe had faced significant scrutiny in the aftermath of the Bybit theft, its core clients were supportive and keenly aware of the core attack vectors that led to the incident.

His team then set to work breaking down the layers of architecture that make up Safe’s security infrastructure.

“We broke it down by transaction level security, signer device level security, infrastructure level security, but also standards and compliance, and auditability. They all have to work together in some way,” Rumalla said.

The evolving threat from hackers

Lazarus Group hackers have been the most prolific threat to the cryptocurrency ecosystem in recent years. Mainstream media forecasts the North Korean hacking group to bag over $2 billion in stolen cryptocurrency in 2025.

Rumalla said that the biggest challenge is the aspect of social engineering that hacking groups are using to infiltrate major companies in the industry.

“These attackers are in Telegram channels. They’re in our company intro chats, they’re in your DAO’s posting for grants. They’re applying for jobs as IT workers. They take advantage of the human element.”

However, this also provided a silver lining for Rumalla and his team. Taking solace from the fact that their code and protocol were not at fault, the CEO said there is an earnest effort to balance security and usability.

“The smart accounts, the core protocol, that was super battle tested, which really gave us the confidence to elevate this on the layers above as well.”

Rumalla added that self-custody technology historically involved a compromise between convenience and security. However, a mindset change is required to ensure continuous improvement in products and services that make it easy and secure for people to take self-custodial control of their assets.
