Last month, hackers breached the Bybit platform’s systems, leading to the theft of cryptocurrencies valued at $1.4 billion. According to a statement from Safe Wallet, two factors were critical to the breach: the exploitation of an employee’s compromised computer and the misuse of AWS session tokens. Working with the cybersecurity firm Mandiant, Safe Wallet announced that it is restructuring its security protocols. The Federal Bureau of Investigation (FBI) identified a connection between the attack and the North Korean-linked TraderTraitor group.
Steps of the Attack and Investigation Process
The attack began with the compromise of a computer belonging to a Safe Wallet employee (Developer1) who held high access privileges. Malicious software deployed by the hackers bypassed the multi-factor authentication (MFA) system. The attackers then hijacked AWS session tokens and used them to gain access to Bybit’s Ethereum hot wallet. A significant portion of the stolen funds was in the form of Lido Staked Ethereum (stETH).
Mandiant’s technical analysis indicated that the attack was carried out by a sophisticated and organized cybercrime group. The FBI’s preliminary findings revealed that the attack methods resembled tactics North Korea has used to secure financial resources. The investigation involves collaboration with blockchain analysis firms to trace the stolen funds.
Significant Security Measures Implemented
In response to the attack, Safe Wallet transformed its access controls into a layered system. Employee access to high-privilege systems is now restricted through real-time permission mechanisms and stringent audits. The lifetime of session tokens within the AWS infrastructure has been shortened, and additional authentication steps are required for all transactions.
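Shorter token lifetimes limit how long a stolen session is useful, but they do not reveal that a token was stolen. A stolen STS session shows up in CloudTrail as the same temporary access key (the `ASIA…` prefix) being used from a network origin the legitimate holder never used. The following detector, an added example written for this article rather than code from Safe Wallet, Bybit or Mandiant, scans constructed CloudTrail-style records for exactly that pattern; the field names follow the CloudTrail schema, and the thirty-minute window is an assumed tuning value.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records in CloudTrail field layout (not real log data).
SAMPLE_EVENTS = [
    {"eventTime": "2025-02-21T10:00:00Z", "eventName": "GetObject",
     "userIdentity": {"accessKeyId": "ASIAEXAMPLE1"},
     "sourceIPAddress": "203.0.113.10", "userAgent": "aws-cli/2.15.0"},
    {"eventTime": "2025-02-21T10:05:00Z", "eventName": "ListBuckets",
     "userIdentity": {"accessKeyId": "ASIAEXAMPLE1"},
     "sourceIPAddress": "203.0.113.10", "userAgent": "aws-cli/2.15.0"},
    # Same temporary key, different IP and client: the token has likely leaked.
    {"eventTime": "2025-02-21T10:12:00Z", "eventName": "PutObject",
     "userIdentity": {"accessKeyId": "ASIAEXAMPLE1"},
     "sourceIPAddress": "198.51.100.7", "userAgent": "python-requests/2.31"},
    {"eventTime": "2025-02-21T10:13:00Z", "eventName": "GetObject",
     "userIdentity": {"accessKeyId": "ASIAEXAMPLE2"},
     "sourceIPAddress": "203.0.113.22", "userAgent": "aws-cli/2.15.0"},
    # Long-lived IAM user key (AKIA prefix) is out of scope for this check.
    {"eventTime": "2025-02-21T10:14:00Z", "eventName": "GetObject",
     "userIdentity": {"accessKeyId": "AKIAEXAMPLE3"},
     "sourceIPAddress": "192.0.2.5", "userAgent": "aws-sdk-go/1.44"},
]


def detect_session_token_reuse(events, window=timedelta(minutes=30)):
    """Flag STS temporary keys used from two different (IP, user agent)
    origins within `window`. Returns one finding per suspicious event."""
    by_key = defaultdict(list)
    for ev in events:
        key = ev.get("userIdentity", {}).get("accessKeyId", "")
        if not key.startswith("ASIA"):  # only STS session credentials
            continue
        ts = datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
        by_key[key].append((ts, ev["sourceIPAddress"],
                            ev.get("userAgent", ""), ev["eventName"]))
    findings = []
    for key, rows in by_key.items():
        rows.sort()  # chronological order
        for i, (ts, ip, ua, name) in enumerate(rows):
            for prev_ts, prev_ip, prev_ua, _ in rows[:i]:
                if (ip, ua) != (prev_ip, prev_ua) and ts - prev_ts <= window:
                    findings.append({"accessKeyId": key, "eventName": name,
                                     "eventTime": ts.isoformat(),
                                     "knownOrigin": (prev_ip, prev_ua),
                                     "newOrigin": (ip, ua)})
                    break  # one finding per event is enough
    return findings


if __name__ == "__main__":
    for f in detect_session_token_reuse(SAMPLE_EVENTS):
        print(f)
```

In production the same logic would run over a CloudTrail export or an Athena query result, and a hit on a key tied to a wallet-signing role would be the trigger to revoke the session (a `DenyAll` policy condition on `aws:TokenIssueTime`) rather than waiting for it to expire.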
Bybit altered its management policy for hot wallets, transferring the majority of funds to cold wallets. The platform announced the establishment of an AI-based monitoring system capable of detecting abnormal activity in user accounts. Both companies stated that they will conduct regular security tests with independent auditing firms.