BREAKING: The hack wasn’t even really Bybit’s fault.
Bybit just released their audit
report.
It says that the compromise was NOT on Bybit infrastructure. The attack happened due to a malicious code originating from Safe Wallet.
Lazarus Group compromised Safe’s AWS infrastructure to deploy a targeted javascript payload specifically for the Bybit multisig/next transaction.
This is insane.
Redblack News™ 🍁
