Cryptocurrency hackers stole $2.2 billion from platforms in 2024

Discussion in 'other security issues & news' started by ronjor, Dec 20, 2024.

  1. Rasheed187

    Rasheed187 Registered Member

    Can you perhaps give some more info about this hack?

    From what I understood, Bybit tried to transfer money from its cold wallet to a hot wallet, so this wasn't the same as offline signing? And this is something that is never done by security-aware people like yourself?

    And to clarify, what I meant is that all of this web3/DeFi/blockchain/smart contract nonsense is so complex that even reputable companies get hacked once in a while, let alone "normal" less knowledgeable people.
     
  2. Palancar

    Palancar Registered Member

    First you have to know that a very small percentage of BTC users even attempt self custody, which is in my opinion a fatal error just waiting to happen. The exchange in this thread getting hacked is a prime example. They are large enough to easily cover the loss so nobody is out luckily on this exact instance. Others in the past were not so lucky.

    Even more scarce is a person taking self custody AND using a hardware wallet to do so. It's under 5% by most estimations. So then I am not talking to the 95% but to the remaining 5% in the following discussion.

    When a hardware wallet (a great proven one from a leading company) is used the private keys controlling the transaction are held inside the hardware device and NO computer will ever see those keys. Using a combination of PINs and passwords the hardware device is used to mathematically sign a transaction specific to the EXACT destination address. The hardware device controls all access to the sending Bitcoin address. Once the device confirms the transaction thereby signing the transaction -- ONLY the exact and specific destination address can be used to move any coins from the SEND address (YOUR coins in this example). On my hardware device I have the destination address displayed clearly on the device screen and I carefully compare and make sure the destination is correct. If it is and I CONFIRM on my device, that is the ONLY address to which my coins can be sent. No exceptions. Please don't ask me to respond to the other 95% here. Frankly, they should know better and are usually careless or lazy in this regard. My .02
     
    Last edited: Mar 13, 2025
  3. Rasheed187

    Rasheed187 Registered Member

    OK, so what you're saying is, that this company messed up, and this wouldn't have happened to you? Are you familiar with the Safe Global company? I see it's quite a well-known crypto company, but security procedures were quite bad apparently.

    To clarify, you already know that I don't believe in crypto, but I'm finding the security aspects of this hack quite interesting. Here is some more technical info about the hack, see first link. And in the second link you can read about how users of Ledger were targeted, but I suppose you're not using any dApps?

    https://www.nccgroup.com/us/research-blog/in-depth-technical-analysis-of-the-bybit-hack/
    https://www.fireblocks.com/blog/ledger-connect-attack-what-you-need-to-know/?nab=0
     
  4. Palancar

    Palancar Registered Member

    In link one please refer to the yellow box statements in the attack analysis ---- "The signers don't notice that the message in their wallets is tampered." --------> careless

    The computers being used were hacked with bogus software creating the "tampering".

    A good HARDWARE WALLET would totally prevent the transfer of funds to a tampered address IF the user(s) would have paused and taken the time to notice the change before signing/confirming the transaction. Back to basic math. The hardware device confirms/signs the transaction mathematically to the exact address displayed on the window of the device (NOT ANYTHING DISPLAYED ON A COMPUTER SCREEN). This is why an infected computer cannot defeat a hardware wallet if used properly. A computer can NEVER see or have any access to the private keys controlling the sending address in a transaction. It's math and not magic!!

    Rule ONE for hardware wallet use: Triple check, maybe even more, that the device display is showing clearly the exact address you are intending to send funds to. Until you positively see and triple confirm you DO NOT click confirm/send. Could it really be much easier?
     
  5. Rasheed187

    Rasheed187 Registered Member

    OK, I see what you mean. I also didn't understand why the signers didn't notice it, I believe they blamed the Ledger device for this? And to clarify, their own computers were not hacked, it was one of the Safe Global employees that was hacked (macOS laptop), so that's why the hackers managed to tamper with the Safe Wallet website.
     