The cryptocurrency industry was left shell-shocked earlier this year when Bybit, the industry’s second-largest exchange platform based on trading volume, lost around $1.5 billion worth of Ethereum.
The exchange fell victim to the biggest-ever crypto heist on February 21, but it immediately set about trying to mitigate the damage and recover as much of the funds as possible. It was widely praised for its comprehensive response to the attack, and has also been among the loudest voices urging the need for industry-wide security reform.
Crypto analysts and security experts quickly unraveled how the hackers – suspected to be the North Korea-backed Lazarus Group – pulled off the attack, and alarmingly they showed that they weren’t using any new tricks. Rather, they exploited a vulnerability known as “blind signing” in cold multisig wallets that have become the gold standard for the crypto industry. It’s an attack vector that’s been used before, and one analyst described it as “completely preventable”.
What Went Down?
There’s no doubt that the Bybit hack was a meticulously planned operation by one of the most sophisticated hacking groups on the planet, but alarmingly, it’s one that probably could have been pulled off by many others.
Like many cryptocurrency exchanges, Bybit uses multisig cold wallets for storing its digital assets. With these multisig wallets, which are stored offline, multiple individuals who each hold a portion of the private key are required to “sign” any transaction before it can be executed. This enhances security by distributing the approval authority across several trusted persons. Because cold wallets are stored offline, this adds an extra layer of protection, but the incident shows that this strategy is most definitely not enough.
The hackers exploited a sophisticated vulnerability that allowed them to redirect funds from a routine transfer from one of Bybit’s multisig cold wallets.
Investigations show that the hackers were able to compromise an employee of Safe {Wallet}, which provides the multisig cold wallet used by Bybit, allowing them to manipulate the signing interface that’s presented to each of the authorized signers. In this way, the hackers were able to trick the signers into thinking that the transaction would send the funds to the correct destination address – another wallet controlled by Bybit. It masked the real destination, which was a wallet controlled by Lazarus Group.
Because the signers thought they were signing a transaction that showed the funds were headed to one of their own wallets, they all signed off without hesitation, thinking it’s just another routine transfer that occurs almost every day.
This type of exploit, which uses a rogue interface, is known as a “blind signing” vulnerability. Using this technique, they were able to trick the signers into executing a smart contract that gave them full control of the multisig wallet, and the ability to redirect the funds to one of their own wallets.
Had any of Bybit’s signers manually verified the transaction, they would have seen that the true destination address was different from the one stated on the UI. The brilliance of the attack is that the hackers didn’t need to steal the private keys of the multisig wallet, which is the most common technique. They simply deceived the private key holders into approving the fraudulent transfer.
The moment the transaction was approved by all of the required signers, the hackers were able to alter the smart contract logic and redirect around 401,347 ETH, valued at around $1.4 billion at the time, to a wallet they controlled.
It Could Have Been Stopped
What’s especially concerning is that the Bybit hack could so easily have been avoided, and that’s why Bybit itself is at the forefront of a growing push for the crypto industry to strengthen its security systems and drop its reliance on multisig wallets alone.
The Safe {Wallet} tool used by Bybit is one of the most popular in the industry, but shockingly, it was never designed as an enterprise-grade tool, but rather more for individual users and hobbyists.
“The Bybit hack has shattered long-held assumptions about crypto security,” the crypto security firm Check Point wrote in its analysis of the attack. “No matter how strong your smart contract logic or multisig protections are, the human element remains the weakest link. This attack proves that UI manipulation and social engineering can bypass even the most secure wallets.”
The reliance on Safe {Wallet}’s multisig smart contract interface alone proved to be Bybit’s undoing, for the hackers easily bypassed the cryptographic safeguards put in place by Safe to prevent this kind of thing from happening.
This is why crypto exchanges must implement a more layered approach to security, where the assumption is that even trusted platforms can be breached. To counter this, they need to implement strict cross-checking mechanisms to ensure the transaction details haven’t been altered or obfuscated somehow. They need to adhere to the long-held mantra in enterprise security, which quite simply states: “Don’t trust, verify”.
Fortunately, the tools to do this already exist. For instance, the hardware-backed CubeSigner wallet provides its own interface for verifying transaction details, and also allows for the implementation of security policies. For instance, companies can create a rule that prohibits transfers above a specified amount, even if the transfer is signed by all approved parties. It does this because the policies are enforced on the system backed, rather than the user’s devices. So if the UI displays one thing but submits a different transaction on the backend, the transaction won’t be approved.
An alternative to CubeSigner is the policy enforcement tool Seraph, which goes further by simulating each transaction prior to execution. This makes it simple for users to detect any malicious modifications to the smart contract, as they’ll see the funds heading into a different wallet from the intended destination before they even approve it. Had Bybit deployed a tool like Seraph, the signer would have triggered an alert that would have prevented them from signing the fraudulent transaction.
Artificial intelligence tools such as Blockaid offer another approach to boosting multisig security. Blockaid works by adding itself as a co-signer, which also needs to approve each transaction, as well as the human involved. It acts like a kind of intelligent guardian, checking all of the transaction details, including the smart contract logic. In this way, it sees more than what’s shown on the wallet interface, and validates that every detail is correct before granting its approval. According to Blockaid, its tool was purposely built to close the bling signing loophole, enhancing the security of multisig wallets.
A final solution is GK8’s cloud-hosted Impenetrable Vault, an offline device with zero digital input that sets the parameters of each transaction manually to confirm they comply with the user’s preset policies and whitelisted wallet address, ensuring that illegitimate transactions cannot happen.
An Impressive Response
The response from Bybit to the attack has been nothing short of exemplary, and it has taken multiple actions to not only recover, but ensure that it will never again fall victim to blind signing vulnerabilities.
In the immediate aftermath of the attack, Bybit rapidly isolated the compromised multisig cold wallet and halted any further transactions from taking place. Its security team immediately began a forensic investigation, securing expertise from a number of specialist blockchain analytics providers and law enforcement agencies.
In addition, Bybit said it collaborated closely with Safe to overhaul the security of its existing multisig wallets and implement more strict manual verification measures for high-value transactions. It also engaged with experts including Sygnia Labs and Verichains to conduct an independent review of the incident, and those companies both produced detailed reports, finding there was no sign of compromise within its own infrastructure.
Within a week of the hack taking place, Bybit issued a statement saying it had now shifted the bulk of its cold storage funds out of Safe {Wallet} and is now using multiple multisig wallets with more enhanced security. It added that it’s actively evaluating alternative wallet solutions to ensure the funds under its custody meet the highest security standards.
“We should have upgraded and moved away from Safe,” Bybit Chief Executive Sam Zhou said in an interview. “We’re definitely looking to do that now.”
Bybit also took quick steps to reassure its customers that it still has more than enough assets on its books to meet all customer obligations, undergoing a third party proof-of-reserves audit in the wake of the attack. The audit confirmed it has over-collateralization of all key assets, including BTC, ETH, SOL, USDT and USDC.
Lastly, Bybit united the industry in an effort to hit back at Lazarus Group with the launch of a new initiative called LazarusBounty.com, which aims to incentivize “good” hackers and security experts to help track and secure the stolen funds and prevent the attackers from cashing out its loot.
By responding rapidly with transparent proof of its financial stability and its commitment to stepping up security and tracking down the hackers, Bybit pulled off something quite unprecedented in the industry – emerging from the crisis with its reputation not just intact, but even stronger than before, with user confidence in the platform fully restored in less than a week.
Building Greater Trust In Crypto
Nonetheless, Bybit was the first to concede that the incident must serve as a wakeup call for the crypto industry, which simply cannot afford to let its guard down in the fight against cybercrime.
The hack highlighted a critical flaw in the widely-used multisig wallet security set up that’s employed by most exchange platforms today. It shows that these wallets aren’t enough. Exchanges must do more, and transaction-level audits, verification and policy enforcement must become essential components of a proper, enterprise-grade security system.
In addition, the incident highlights the need for the industry to develop more advanced asset-tracking tools and real-time monitoring systems, and for continued innovation in areas such as blockchain forensics, so it can stay one-step ahead of sophisticated cybercrime groups like Lazarus.
It’s vital that the broader crypto industry steps up its game. Digital assets are no longer an obscurity or a novelty. They’re taking on a growing role in the global financial system, and that makes it more important than ever to secure these assets. If the industry takes the opportunity to respond and implements more proactive security, the world’s biggest-ever crypto heist may well have a silver lining, paving the way towards a safer and more trusted ecosystem that benefits every stakeholder.
