Cryptocurrency Security

Hacker Breach Steals $1.4 Billion from Bybit – Here’s What Happened

In Brief

  • Hackers stole $1.4 billion from Bybit through a sophisticated breach.
  • Safe Wallet and Bybit are enhancing security measures after the attack.
  • The FBI links the breach to a North Korean cybercrime group.
Ömer Ergin
Ömer Ergin

Last month, hackers breached the Bybit platform’s systems, leading to the theft of cryptocurrencies valued at $1.4 billion. According to a statement from Safe Wallet, the breach was critically influenced by the exploitation of an employee’s compromised computer and the misuse of AWS session tokens. In collaboration with cybersecurity firm Mandiant, Safe Wallet announced that it is restructuring its security protocols. The Federal Bureau of Investigation (FBI) identified a connection between the attack and the North Korean-linked TraderTraitor group.

Contents
Steps of the Attack and Investigation ProcessSignificant Security Measures Implemented

Steps of the Attack and Investigation Process

The attack began with the compromise of a computer belonging to a Safe Wallet employee (Developer1) with high access privileges. Malicious software utilized by the hackers successfully bypassed the multi-factor authentication (MFA) system. Subsequently, the attackers gained access to Bybit’s Ethereum $2,413 hot wallet by seizing AWS session tokens. A significant portion of the stolen funds was in the form of Lido Staked Ethereum (stETH).

Mandiant’s technical analysis indicated that the attack was carried out by a sophisticated and organized cybercrime group. The FBI’s preliminary findings revealed that the attack methods were similar to tactics used by North Korea to secure financial resources. The investigation involves collaboration with blockchain analysis firms to trace the stolen funds.

Significant Security Measures Implemented

In response to the attack, Safe Wallet transformed its access controls into a layered system. Employee access to high-privilege systems is now restricted with real-time permission mechanisms and stringent audits. The duration of session token use within the AWS infrastructure has been shortened, and additional authentication steps are required for all transactions.

Bybit altered its management policy for hot wallets, transferring the majority of funds to cold wallets. The platform announced the establishment of an AI-based monitoring system capable of detecting abnormal activities in user accounts. Both companies stated they will conduct regular security tests with independent auditing firms.

You can follow our news on Telegram, Facebook, Twitter & Coinmarketcap
Disclaimer: The information contained in this article does not constitute investment advice. Investors should be aware that cryptocurrencies carry high volatility and therefore risk, and should conduct their own research.

You Might Also Like

The Shocking Story of How an X Account Hack Sent Bitcoin Prices Soaring

Protect Your Cryptocurrency: Strengthen Your Online Security with CZ’s Tips!

Lido Swiftly Secures Its Network After Critical Oracle Breach

Crypto Market Faces Severe Security Breaches in April

Catch Fraudsters with Revealing Identity and Background Lies

Share This Article
Previous Article Justin Sun Predicts TRX Will Reach New Heights – Are You Ready?
Next Article US Government Takes Bold Steps to Shape the Cryptocurrency Market
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

Latest News

China Shakes Up Global Markets with Major US Treasury Sell-Off
Economy
Crypto Investors Ramp Up Security Measures Following Recent Breaches
Cryptocurrency News
Trump Token Gala Attracts International Investors
Cryptocurrency News
Bitcoin Signals a New Bullish Phase with Golden Cross
Bitcoin (BTC)
Lost your password?