$ETH In-depth analysis of the North Korean hacking incident
Recently, a theft incident that shocked the industry occurred at the Bybit exchange, with nearly 1.5 billion ETH stolen. The basic situation currently known is as follows:
1. Theft method: Hackers stole assets directly from cold wallets, which raised many questions: Is the hacker's technology too advanced, or is there an insider?
2. Suspected attacker: Both the technical evidence and public opinion lean toward the view that it was done by North Korean hackers.
3. Market impact: This incident had a short-term negative impact on the price of ETH. Yesterday, the price fell from US$2,800 to a low of US$2,600. The impact of the incident has been basically digested.
4. Industry support: Binance and Bitget extended a helping hand to Bybit. The two exchanges sent more than 50,000 ETH to the Bybit wallet to help their peer through the difficulty.
5. Current status of Bybit: The Bybit platform has not been significantly affected at present, and the withdrawal function is normal. Its CEO said that the platform's overall funds are sufficient to cover the losses, and the incident has been basically handled properly.
Hacker operation process
The hacker's methods are very clever, and the operation process is as follows:
• Advance layout: The hacker deployed the malicious backdoor contract three days in advance.
• Precision intrusion: The hacker most likely compromised the computers of three of Bybit's multi-signature members and, after confirming that the attack conditions were met, waited for them to carry out an operation.
• Stealing and replacing: When the multi-signature staff performed routine signing operations such as a daily transfer, the hacker took the opportunity to replace the content being signed. The staff still saw a normal transfer transaction on the webpage, but did not know that it had been tampered with to become "upgrade the contract, replacing it with the malicious contract".
• Fund theft: After the malicious contract was successfully deployed, the hacker easily withdrew all the funds, leading to this tragedy.
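The "stealing and replacing" step works because signers approve what the webpage displays rather than the payload itself. The following is an added example, not part of the original post and not Bybit's or any wallet vendor's code: a check a signer could run on a separate machine to compare the displayed transfer with the raw transaction fields. The Safe-style field names (to, data, operation), the ERC-20 transfer case, and all addresses are assumptions and constructed sample values.

```python
# Added example: independent pre-signing check for a multisig transaction.
# Assumption: the wallet exposes Safe-style fields (to, data, operation).
CALL, DELEGATECALL = 0, 1
ERC20_TRANSFER = "a9059cbb"  # selector of transfer(address,uint256)

def encode_transfer(recipient, amount):
    """Build ERC-20 transfer calldata (used here only to construct samples)."""
    return "0x" + ERC20_TRANSFER + recipient[2:].lower().rjust(64, "0") + format(amount, "064x")

def decode_transfer(data_hex):
    """Return (recipient, amount) if data is exactly an ERC-20 transfer, else None."""
    data = data_hex.lower()
    data = data[2:] if data.startswith("0x") else data
    if len(data) != 8 + 64 + 64 or data[:8] != ERC20_TRANSFER:
        return None
    if data[8:32] != "0" * 24:  # a 20-byte address is left-padded with zeros
        return None
    return "0x" + data[32:72], int(data[72:136], 16)

def check_payload(intent, tx, allowed_targets):
    """Compare what the signer believes they approve (intent) with the raw
    fields they are asked to sign. Returns a list of findings; empty means OK."""
    findings = []
    to = tx["to"].lower()
    if tx["operation"] != CALL:
        findings.append("operation is not a plain CALL (delegatecall can rewrite wallet storage)")
    if to not in allowed_targets:
        findings.append(f"target {to} is not on the allowlist")
    if to != intent["token"].lower():
        findings.append("target differs from the token contract shown to the signer")
    decoded = decode_transfer(tx["data"])
    if decoded is None:
        findings.append("calldata is not a plain ERC-20 transfer")
    elif decoded != (intent["recipient"].lower(), intent["amount"]):
        findings.append("decoded recipient/amount differ from the displayed transfer")
    return findings

# Constructed sample values, not real addresses.
TOKEN, DEST, UNKNOWN = "0x" + "11" * 20, "0x" + "22" * 20, "0x" + "99" * 20
INTENT = {"token": TOKEN, "recipient": DEST, "amount": 5000}  # what the webpage shows
HONEST_TX = {"to": TOKEN, "operation": CALL, "data": encode_transfer(DEST, 5000)}
TAMPERED_TX = {"to": UNKNOWN, "operation": DELEGATECALL, "data": encode_transfer(UNKNOWN, 0)}

if __name__ == "__main__":
    for name, tx in (("honest", HONEST_TX), ("tampered", TAMPERED_TX)):
        print(name, check_payload(INTENT, tx, {TOKEN}) or "OK to sign")
```

The check is only useful if it runs on a device other than the one rendering the signing webpage, since the post assumes the signers' computers were compromised.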
According to on-chain analysts, this incident was likely carried out by the North Korean-backed hacker organization Lazarus Group. North Korea has abundant BTC reserves, but almost all of them come from hacker theft. Historically, North Korean hackers have carried out similar attacks many times.
The threat of North Korean hackers should not be underestimated. This incident once again reminds us that the cybersecurity situation is severe and all platforms must strengthen prevention to avoid repeating the same mistakes.