The $1.4B Bybit exchange hack became the largest in history, and it requires us to learn crucial lessons about the reliability of this platform and the security of the whole crypto industry.
Here, we will delve deeply into Bybit’s system security measures, as well as funds and customer protection, to better understand how one of the biggest crypto platforms with millions of users worldwide became a victim of a successful cyber attack.
Was Bybit Hacked?
First things first: let’s get a clear definition of “hack” and determine whether Bybit was hacked. A hack means that a system has a vulnerability, and bad actors found and exploited it before the security team could fix it.
Thus, from a purely technical standpoint, a system can be considered hacked if:
- It has a known or zero-day vulnerability that was exploited by an attacker.
- The attacker gained unauthorized access to the system's internals or data.
Let’s evaluate this from a technical perspective, with the recent research from two cybersecurity firms, Verichains and Sygnia Labs, being particularly helpful. Specifically, Verichains’ report clarifies that the issue was not on Bybit’s side but rather in the multi-signature service Safe:
- Proxy wallet management compromise
- Spoofing the logic of the proxy contract
- Funds withdrawal
Does This Mean That Bybit Was Not Hacked?
First, let’s answer another question: Can a hack only occur due to technical reasons? Not really. Today’s systems are mostly too complex for that, so an attacker must develop a sophisticated attack that combines technical vulnerabilities in the target system or its integrations with social engineering, where the targets are internal staff, vendors, etc.
Therefore, dividing attack tactics and scenarios into technical and non-technical categories does not provide a clear-cut definition, and it’s better to assess it based on the outcome.
One of the classic and precise ways to evaluate this is the CIA triad, which states that a system should be designed to ensure that its information maintains three key principles: Confidentiality, Integrity, and Availability.
Confidentiality – Not Compromised Overall
Integrity – Compromised, But Not in Bybit’s Infrastructure
Availability – Not Compromised Overall
After reviewing this situation from multiple perspectives, we can conclude that, strictly speaking, Bybit was not hacked, but it was subjected to a sophisticated and successful attack by the Lazarus Group, as discovered by ZachXBT. Although the investigation is still ongoing, the latest reports indicate that Bybit’s systems, infrastructure, and data were not compromised, further confirming my initial assumption.
Bybit Security Measures
Let’s use an analogy: suppose a criminal decides to rob a bank. If the bank lacks proper security, they can simply walk in, make threats, and leave with the stolen money. However, with many cameras and guards, the attacker will be forced to look for alternative ways to carry out the heist—otherwise, the risk would be too high.
Now, this leads us to the logical conclusion that since the attackers chose not to conduct a direct attack but instead carried out a more complex and costly operation, it indicates that Bybit is well-protected against direct intrusions.
Let’s look at the specific security mechanisms and protective measures Bybit has in place, which forced the attackers to compromise intermediaries rather than the platform itself.
Asset Protection: Cold Wallets and Cryptographic Security
Bybit places significant emphasis on the secure storage of assets, and ironically, this was not enough to prevent the incident. Specifically, they store the majority of funds in cold wallets, withdrawing a portion every three weeks to facilitate user withdrawals and other platform operations. In this context, they implement a triple-layer security system:
- Multi-Signature Authentication – Requiring multiple independent signatures for withdrawals from cold wallets, preventing unauthorized access.
- Trusted Execution Environment (TEE) – A secure execution environment that protects critical operations from external attacks.
- Threshold Signature Schemes (TSS) – Distributing signing authority among multiple independent participants to eliminate single points of failure.
However, as we now know, the third-party Multi-Signature Authentication service turned out to be one of the weak points. Yet everything under Bybit’s direct control remained secure; otherwise, we would have seen all of the exchange’s funds stored in hot wallets, exposed to direct attacks, putting not just some wallets but the entire platform at risk.
Real-Time Transaction Monitoring and Control
As a part of its risk control system, Bybit implements continuous analysis of user activity and transactions.
- User Behavior Analysis – The exchange detects and analyzes suspicious activities such as logins from new devices, abnormal transaction volumes, or IP address changes.
- Automated Authentication Enhancement – If the system detects deviations from normal behavior, such as an attempt to withdraw large amounts of funds, the user will be required to undergo additional identity verification.
- Notification and Logging System – Any changes to the account, login attempts, API key modifications, or large withdrawals are instantly recorded and reported to
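
The three controls listed above (behavior signals, step-up verification, logging of every decision) can be sketched as a small rule engine. This is an added example, not Bybit's code: the event fields, the `RiskMonitor` class, and both thresholds are assumptions, and the events are constructed.

```python
from collections import defaultdict
from statistics import median

VOLUME_FACTOR = 5   # assumed: a withdrawal above 5x the user's median is abnormal
MIN_HISTORY = 3     # assumed: past withdrawals needed before judging volume

class RiskMonitor:
    def __init__(self):
        self.devices = defaultdict(set)    # user -> devices seen on clean events
        self.last_ip = {}                  # user -> IP of the last clean event
        self.amounts = defaultdict(list)   # user -> clean withdrawal amounts
        self.audit_log = []                # every decision is recorded

    def evaluate(self, ev):
        user, flags = ev["user"], []
        if self.devices[user] and ev["device"] not in self.devices[user]:
            flags.append("new_device")
        if user in self.last_ip and ev["ip"] != self.last_ip[user]:
            flags.append("ip_change")
        if ev["type"] == "withdrawal":
            past = self.amounts[user]
            if len(past) >= MIN_HISTORY and ev["amount"] > VOLUME_FACTOR * median(past):
                flags.append("abnormal_volume")
        # Only unflagged events update the baseline, so an unverified device,
        # IP or amount never becomes "normal" just by being repeated.
        if not flags:
            self.devices[user].add(ev["device"])
            self.last_ip[user] = ev["ip"]
            if ev["type"] == "withdrawal":
                self.amounts[user].append(ev["amount"])
        decision = {"event": ev, "flags": flags, "step_up": bool(flags)}
        self.audit_log.append(decision)
        return decision

# Constructed sample events (documentation IP ranges, made-up device ids).
EVENTS = [
    {"user": "u1", "type": "login", "device": "d-A", "ip": "198.51.100.7"},
    {"user": "u1", "type": "withdrawal", "device": "d-A", "ip": "198.51.100.7", "amount": 100},
    {"user": "u1", "type": "withdrawal", "device": "d-A", "ip": "198.51.100.7", "amount": 120},
    {"user": "u1", "type": "withdrawal", "device": "d-A", "ip": "198.51.100.7", "amount": 90},
    {"user": "u1", "type": "login", "device": "d-B", "ip": "203.0.113.50"},
    {"user": "u1", "type": "withdrawal", "device": "d-B", "ip": "203.0.113.50", "amount": 5000},
    {"user": "u1", "type": "withdrawal", "device": "d-A", "ip": "198.51.100.7", "amount": 110},
]

def run(events):
    monitor = RiskMonitor()
    return [monitor.evaluate(ev) for ev in events], monitor.audit_log
```

In a production system the baseline would also be updated once the user passes the additional verification; that step is left out here.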