Odaily星球日报讯 币安联创 CZ 在 X 平台发文表示，自己通常不会批评其他行业参与者，但是 Safe 发布的事件报告使用模糊的语言来掩盖了问题。读完后，问题多于答案，包括： 1、“入侵 Safe {Wallet}开发者机器”是什么意思？他们是如何破解这台特定的机器的？是社会工程、病毒等吗？ 2、开发者机器如何访问“Bybit 运营的账户”？一些代码从这台开发人员机器直接部署到生成环境中？ 3、他们是如何在多个签名者中欺骗 Ledger 验证步骤的？是盲签吗？还是签名者没有正确验证？ 4、14 亿美元是使用 Safe 管理的最大地址吗？他们为什么不针对其他人呢？ 5、其他“自托管、多签名”钱包提供商和用户可以从中学到什么？

Odaily星球日报讯 币安联创 CZ 在 X 平台发文表示，自己通常不会批评其他行业参与者，但是 Safe 发布的事件报告使用模糊的语言来掩盖了问题。读完后，问题多于答案，包括：1、“入侵 Safe {Wallet}开发者机器”是什么意思？他们是如何破解这台特定的机器的？是社会工程、病毒等吗？2、开发者机器如何访问“Bybit 运营的账户”？一些代码从这台开发人员机器直接部署到生成环境中？3、他们是如何在多个签名者中欺骗 Ledger 验证步骤的？是盲签吗？还是签名者没有正确验证？4、14 亿美元是使用 Safe 管理的最大地址吗？他们为什么不针对其他人呢？5、其他“自托管、多签名”钱包提供商和用户可以从中学到什么？

CZ：Safe回应Bybit被盗事件语言模糊，多个问题没有明确解释

Odaily reported that Binance co-founder CZ posted on the X platform, stating that he usually does not criticize other industry participants, but the incident report released by Safe used vague language to cover up the issues. After reading it, there are more questions than answers, including:

1. What does "hacking the Safe {Wallet} developer machine" mean? How did they crack this specific machine? Was it social engineering, viruses, etc.?

2. How did the developer machine access the "Bybit-operated accounts"? Did some code get deployed directly from this developer machine to the production environment?

3. How did they deceive the Ledger verification step among multiple signatories? Was it blind signing? Or did the signatories fail to verify correctly?

4. Is the $140 million address the largest managed by Safe? Why didn't they target others?

5. What can other "self-custody, multi-signature" wallet providers and users learn from this?

Odaily reported that Binance co-founder CZ posted on the X platform, stating that he usually does not criticize other industry participants, but the incident report released by Safe used vague language to cover up the problems. After reading it, there are more questions than answers, including: 1. What does "hacking the Safe {Wallet} developer machine" mean? How did they crack this specific machine? Was it social engineering, viruses, etc.? 2. How did the developer machine access the "Bybit-operated accounts"? Were some codes directly deployed from this developer machine to the production environment? 3. How did they deceive the Ledger verification step among multiple signatories? Was it blind signing or did the signatories fail to verify correctly? 4. Is the $1.4 billion address the largest managed by Safe? Why didn't they target others? 5. What can other "self-custody, multi-signature" wallet providers and users learn from this?

CZ: Safe’s response to the Bybit theft was vague, and many questions were not clearly explained

Odaily reported that Safe posted a response on the X platform regarding Bybit's hacking forensics report, stating that the forensic review of the targeted attack by the Lazarus Group on Bybit concluded that the attack on Bybit's Safe was carried out through a compromised Safe{Wallet} developer machine, leading to spoofed malicious transactions. Lazarus is a government-supported North Korean hacker group known for conducting sophisticated social engineering attacks on developer credentials, sometimes combined with zero-day vulnerabilities. The external security researcher's forensic review did not indicate any vulnerabilities in the Safe smart contract or the source code of the frontend and services. After the recent incident, the Safe{Wallet} team conducted a thorough investigation and has been restoring Safe{Wallet} on the Ethereum mainnet in phases. The Safe{Wallet} team has fully rebuilt and reconfigured all infrastructure and rotated all credentials to ensure the attack vector has been completely eliminated. The Safe{Wallet} team will release a full post-incident analysis once the final investigation results are available. The Safe{Wallet} frontend remains operational with additional security measures. However, users need to be extra cautious and vigilant when signing transactions.

Safe: Forensic review by external security researchers did not indicate vulnerabilities in the wallet smart contracts or front-end and service source code

The preliminary report on the forensic investigation conducted by Sygnia on behalf of <Bybit> is as follows.

Quick reading of Bybit forensic investigation report: Is Safe a breakthrough point for hackers?

As the core infrastructure of the crypto industry, asset security is of vital importance to exchanges. How to build a comprehensive and reliable security system to protect user assets has become a key task for every compliant exchange.

CZ: Safe’s response to the Bybit theft was vague, and many questions were not clearly explained

Download app to participate in rewarding events