How the $1.5 Billion Bybit Hack Could Have Been Prevented - Ep. 791

How the $1.5 Billion Bybit Hack Could Have Been Prevented - Ep. 791

Unchained

Crypto derivatives exchange Bybit just became the latest victim of North Korea’s elite hacking unit, the Lazarus Group. They didn’t brute-force their way in. They didn’t exploit some obscure vulnerability. Instead, they tricked a trusted developer, slipped in malicious code, and took off with a fortune.

How did this happen? Why was $1.5 billion sitting in a single wallet? What mistakes did Bybit and Safe make? And, more importantly, what needs to change to stop this from happening again?

This week, Mudit Gupta, chief information security officer at Polygon, joins Unchained to expose the security failures, the sophisticated tactics Lazarus used, and why crypto still hasn’t learned its lesson.

Show highlights:

  • 2:11 Mudit’s experience with North Korea’s Lazarus
  • 3:24 How Lazarus perpetrated the $1.5 billion hack
  • 5:55 Why Lazarus relies on social engineering over technical exploits
  • 7:34 Why Bybit was so specifically targeted by the hackers
  • 10:02 What Bybit should have done to prevent the exploit
  • 13:12 Why Mudit believes there was “no reason” to hold so much ETH in one single wallet
  • 15:57 Who should be a signer in multisigs
  • 17:46 How to prevent using a malicious website
  • 19:13 Why Safe should have done things differently, according to Mudit
  • 19:55 How Bybit and Safe handled crisis communication
  • 24:20 Mudit’s must-know security tips for protecting your crypto


Visit our website for breaking news, analysis, op-eds, articles to learn about crypto, and much more: unchainedcrypto.com

Thank you to our sponsors!

Guest

  • Mudit Gupta, Chief Information Security Officer at Polygon


Links

Learn more about your ad choices. Visit megaphone.fm/adchoices

Activity

Switch to the Fountain App

Open in Fountain
Unchained • How the $1.5 Billion Bybit Hack Could Have Been Prevented - Ep. 791 • Listen on Fountain