YEREVAN (CoinChapter.com) — Safe Wallet confirmed that hackers infiltrated its infrastructure, leading to the massive $1.5 billion Bybit breach. The attack stemmed from a compromised developer machine, allowing unauthorized access through a disguised malicious transaction.
Despite the breach, Safe Wallet insists its smart contracts remain intact.
“The forensic review of external security researchers did NOT indicate any vulnerabilities in the Safe smart contracts or source code of the frontend and services,”
the company stated.
Safe Wallet Confirms Lazarus Group Exploited Developer Machine in Bybit Attack. Source: Safe.ethTo address security concerns, Safe Wallet restructured its infrastructure, rotated credentials, and restored services on the Ethereum (ETH) mainnet. However, users have been urged to exercise extreme caution when signing transactions.
Safe Wallet Faces Criticism Over Vague Response
Safe Wallet’s handling of the breach has sparked backlash within the crypto community. Many argue that the company’s explanation lacks transparency.
Changpeng Zhao (CZ), former Binance CEO, expressed doubts about Safe Wallet’s security management.
“I usually try not to criticize other industry players, but I still do it once in a while. This update from Safe is not that great. It uses vague language to brush over the issues. I have more questions than answers after reading it,”
he said.
CZ Questions Safe Wallet’s Security Failures After $1.5B Bybit Hack. Source: CZ_BinanceCZ raised concerns about the security of the developer machine, the deployment of malicious code to Bybit’s environment, and the bypassing of Ledger verification steps. He also questioned why Bybit’s address was targeted, rather than others controlled by Safe Wallet.
A blockchain analyst confirmed that while smart contracts were not breached, the attack compromised the frontend, enabling hackers to manipulate transactions. He described it as a classic supply chain attack, warning that similar threats could extend to frontend services, APIs, and other user-interactive platforms.
Security Expert Warns SafeWallet Hack Puts Multi-Sig Users at Risk. Source: Cos_EvilcosFBI Confirms Lazarus Group Stole 40,000 ETH
Moreover, the FBI officially linked the attack to Lazarus Group, the North Korean-backed hacking syndicate. The agency identified the operation as “TraderTraitor”, which has been responsible for multiple high-profile crypto thefts.
According to the FBI’s report, the group stole 40,000 ETH from Bybit’s cold wallet and quickly converted assets to Bitcoin before dispersing them across thousands of addresses on multiple blockchains. The agency warned that further laundering activities were underway to convert the stolen assets into fiat currency.
Notably, the FBI also published Ethereum addresses tied to Lazarus Group and urged exchanges, DeFi services, and blockchain analytics firms to block transactions linked to these addresses. Authorities continue tracking the stolen funds to disrupt the laundering process.
FBI Confirms North Korea’s Role in $1.5 Billion Bybit Hack, Issues TraderTraitor Warning. Source: FBI
The post Safe Wallet Exposed in $1.5 Billion Bybit Hack, FBI Confirms North Korean Ties appeared first on Coinchapter.
%%featured_image%%
