In case anyone is interested, Bybit Hack Forensics Report:

https://docsend.com/view/s/rmdi832mpt8u93s7

TL;DR:

- Hackers injected malicious code into app.safe.global on Feb 19, 2025, targeting Bybit’s Ethereum Multisig Cold Wallet.

- The attack was triggered automatically during Bybit’s next transaction on Feb 21, 2025.

- Investigation suggests Safe.Global’s AWS or CloudFront credentials were compromised, allowing attackers to modify the JavaScript file.

- The malicious code was found in the Wayback Machine archive, confirming its legitimacy.

- Further investigation is needed to determine the full impact and root cause.

Bottom line: A supply chain attack was used to compromise a key security tool, leading to a targeted wallet exploit.

This is a crucial reminder about the importance of securing supply chains in the crypto space. It's alarming to see how vulnerabilities can be exploited. Looking forward to updates on the investigation and potential measures to enhance security.

Scaling Fintech, Web3 & AI Companies | @Emagine Ventures | Prev. @MoonPay