Solana multisig provider conducting ‘comprehensive review’ after Safe exploit

Ben Zhou, CEO of Bybit, posted yesterday on X about the $1.4 billion hack, pointing to “malicious code originating from Safe{Wallet}’s infrastructure.” Solana CEOs had plenty to say: “nightmare season,” “holy hell,” and “holy shit.”

According to preliminary reports, Safe’s smart contracts performed as expected. Still, the foul language likely stemmed from the fact that wallets being exploitable gives hackers access to a whole lot of assets — Safe’s smart accounts secure over $100 billion in digital assets. 

Other hackers may go beyond Bybit.

Squads, the multisig wallet used by many prominent Solana teams, including Helium, Kamino, Pyth, Helius, Drift, Jupiter and Ellipsis, is “conducting a comprehensive review of our infrastructure to mitigate the possibility of such an attack,” CEO Stepan Simkin told me.

Simkin stressed that “high value accounts” need a dedicated wallet because increasingly sophisticated hackers could “potentially compromise any frontend.”

The Bybit hackers — whom the FBI has now accused of being linked to North Korea — injected malicious code into Safe’s JavaScript files to alter Bybit’s multisig transactions and send the funds to the attacker’s address, according to a report from blockchain security firm Slowmist. The crypto industry spends a great deal of time and effort auditing smart contracts, but it pays less attention to the security of “conventional infrastructure” — like leaked Amazon Web Services credentials, which were the culprit in this case, Simkin said.

“JavaScript side hacks are the easiest to execute due to lack of audits,” Cube Exchange CEO Bartosz Lipinski said. “Solana is not immune to that.”

Lipinski says Cube has chosen multi-party computation over multisignature wallet security because it is more secure against “blind signing” — which Bybit apparently did.

Simkin told reporters that Squads has been working to develop a “decentralized frontend” that would enable users to interact directly with the protocol, without having to rely heavily on its infrastructure.

leadzevs/ author of the article

LeadZevs (John Lesley) is an experienced trader specializing in technical analysis and forecasting of the cryptocurrency market. He has over 10 years of experience with a wide range of markets and assets: currencies, indices and commodities. John is the author of popular topics on major forums with millions of views and works as both an analyst and a professional trader for both clients and himself.