Bybit Only Has Itself to Blame | HackerNoon
Briefly

The article critiques the narrative surrounding the Bybit hack, asserting that it was primarily due to the negligence of the exchange's security team rather than the capabilities of hackers. No real hacking occurred; instead, it was an issue of mishandled internal protocols, where multisig signers mistakenly approved a large transfer. The author emphasizes that the media, influenced by claims of the Lazarus group, has misrepresented the incident, which showcases serious vulnerabilities within Bybit and calls for a deeper examination of its security failures rather than sensationalizing the attack's external labeling.
I am shocked, appalled, and frustrated by how easily concepts can be distorted in the 21st century. The Bybit hack is 99% the result of the CEX team's negligence and only 1% the skill of the hackers.
If we clearly distinguish between hack, social engineering, and targeted attack, it becomes evident that no actual hack occurred. Let me quote: 'There was no code exploit. No leaked private keys. Bybit's own multisig signers approved the transactions. They thought they were signing a routine transfer. Instead, they were handing over their entire cold wallet.'
Almost immediately, Arkham released a visual tracker displaying all transactions related to the 'hack': Arkham Explorer. The problem? This visualization distracts from the real issue.
The CEO (who is the final signer) failed to verify transactions. The security team is either nonexistent or completely ineffective. A similar attack had already happened, and they ignored the warning signs.
Read at Hackernoon