Roberto Bayardo 🎩 pfp
Roberto Bayardo 🎩
@bayardo.eth
The sophistication of this attack boggles the mind and should terrify any project relying on multisig ceremonies. "The malware manipulated the front-end interface of Safe{Wallet} ... displaying legitimate transaction data to the developers while executing malicious transactions in the background." I'm very interested in learning exactly how that was accomplished. https://crypto.news/post-mortem-reveals-stealthy-malware-injection-led-to-50m-radiant-capital-exploit/
3 replies
11 recasts
62 reactions

Roberto Bayardo 🎩 pfp
Roberto Bayardo 🎩
@bayardo.eth
The full post-mortem: https://medium.com/@RadiantCapital/radiant-post-mortem-fecd6cd38081
0 reply
0 recast
3 reactions

agusti pfp
agusti
@bleu.eth
Inside job? Looks like gr at excuse 😂
1 reply
0 recast
0 reaction

Stas pfp
Stas
@stas
Ok Roberto, please help me understand how is it possible that SAFE displays one thing while you're signing something completely different? Like I'm sorry, but how can we trust SAFE web app after this. I'm trying hard to not point fingers at how bad the SAFE UX is for a product managing a ton of tvl.
1 reply
0 recast
0 reaction