Uncovering the Bybit Hack: A Simple Explanation
Imagine this: a huge cryptocurrency exchange called Bybit lost about $1.4 billion in a single day. That’s like losing all the money in your piggy bank at once! This happened because some sneaky hackers found a way to steal the money. Let’s find out how they did it and what we can learn from this.
The Hack in Action
The hackers pulled off a clever trick that involved a few steps:
- Hacking a Developer’s Computer: The hackers got into a developer’s computer that was working on a thing called SafeWallet. They put some bad code into the Safe user interface, which is like the control panel for the wallet. This code was looking for Bybit’s Ethereum wallet specifically[1][3].
- Tricking People into Helping: The hackers sent fake messages (phishing) to the people who control the cold wallet. They made the transactions look normal, but they changed some details to trick the people into signing the bad transactions[2][4].
- Using Trust to Their Advantage: The hackers put their bad code into the Safe UI, which Bybit’s people trusted. This way, no one suspected anything when the hackers made the transactions[4].
Who Were the Hackers?
The group behind this hack is called the Lazarus Group. They’re known for being really good at tricking people and have stolen a lot of money from cryptocurrencies before[2][5].
What Happened After the Hack?
After the hack, SafeWallet worked with a cybersecurity company to find out what happened. They found that the hackers didn’t break into the smart contracts, but they tricked people into doing what they wanted[1]. Bybit’s boss said that most of the stolen money can still be traced, but about $280 million has been hidden[1]. The FBI even put out an alert to stop the hackers from using the stolen money[1][5].
What Can We Learn?
The Bybit hack shows us that we need to be really careful with our security, especially when we work with other people (like in supply chains). We should always check and double-check everything, even if it looks okay on the screen. As cryptocurrencies get more popular, we need to find better ways to protect our money from sneaky hackers.
—