Cryptocurrency Exchange bybit published a medical examination on the hacking of $ 1.5 billion from last week, revealing that its systems had not been infiltrated and that the problem seemed from a safe compromise portfolio infrastructure.
Bybit has concluded from the examination that “the information of identification of a safe developer was compromised”, which allowed the hacking group of Lazarus to obtain unauthorized access to the safe portfolio and to deceive the staff of the signing of the malicious transaction.
However, a person familiar with the case told Coindesk that despite the infrastructure of the portfolio compromised by social engineering, the pirat would not have been possible if not “signed” the transaction. The term refers to a mechanism where an intelligent contract transaction is approved without complete knowledge of its content.
Safe also published a statement saying that “safe intelligent contracts [were] Not affected, an attack was carried out by compromising a developer machine without danger {Wallet} which affected an account operated by Bybit. “He also pointed out that an” medical examination of researchers in external security has indicated no vulnerability in safe smart contracts or the source code of frontage and services “.
The apparent back and forth between the two companies reflects that of Wazirx and the Liminal Guard, which blamed itself following a feat of $ 230 million last July.
The chain data analyzed by Zachxbt show that Lazarus tries to whiten the stolen funds, 920 portfolios being currently tainted by the badly acquired gains. The funds, perhaps inadvertently, have come with stolen funds from hacks targeting Phemex and Poloniex, connecting the Lazarus group to the three.
Read more: Bybit declares “war in Lazarus” as it grows efforts to freeze the stolen funds
