⚯ Michel de Cryptadamus ⚯<p><a href="https://universeodon.com/tags/SafeWallet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SafeWallet</span></a> published the results of an investigation into <a href="https://universeodon.com/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NorthKorea</span></a>'s theft of $1.4 billion worth of ethereum from <a href="https://universeodon.com/tags/Bybit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bybit</span></a>.</p><p><a href="https://x.com/safe/status/1897663514975649938" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">x.com/safe/status/189766351497</span><span class="invisible">5649938</span></a></p><p><a href="https://universeodon.com/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://universeodon.com/tags/mandiant" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mandiant</span></a> <a href="https://universeodon.com/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://universeodon.com/tags/crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>crypto</span></a> <a href="https://universeodon.com/tags/DPRK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DPRK</span></a> <a href="https://universeodon.com/tags/TraderTraitor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TraderTraitor</span></a> <a href="https://universeodon.com/tags/LazarusGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LazarusGroup</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
276active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#safewallet
0 posts · 0 participants · 0 posts today
⚯ Michel de Cryptadamus ⚯<p><a href="https://universeodon.com/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NorthKorea</span></a> has finished laundering all of the $1.4 billion worth of crypto it stole from <a href="https://universeodon.com/tags/Bybit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bybit</span></a> into other tokens almost entirely through <a href="https://universeodon.com/tags/ThorChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThorChain</span></a> who made $5.5 million in fees on the laundering effort 👏🏼👏👏🏾.</p><p><a href="https://x.com/benbybit/status/1896798476945744010" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">x.com/benbybit/status/18967984</span><span class="invisible">76945744010</span></a></p><p><a href="https://universeodon.com/tags/LazarusGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LazarusGroup</span></a> <a href="https://universeodon.com/tags/moneylaundering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>moneylaundering</span></a> <a href="https://universeodon.com/tags/crime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>crime</span></a> <a href="https://universeodon.com/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://universeodon.com/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://universeodon.com/tags/DPRK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DPRK</span></a> <a href="https://universeodon.com/tags/SafeWallet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SafeWallet</span></a></p>
⚯ Michel de Cryptadamus ⚯<p>this interview w/one of the only <a href="https://universeodon.com/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> people in the crypto industry who has any idea what he's talking about goes through all the incredible failures at every level of both <a href="https://universeodon.com/tags/Bybit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bybit</span></a> & <a href="https://universeodon.com/tags/SafeWallet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SafeWallet</span></a> (whose main product is <a href="https://universeodon.com/tags/GnosisSafe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GnosisSafe</span></a>, AKA "the most important smart contract in the industry"), from the most basic opsec to permissioning to whatever, is a fun time if you're interested in that kind of thing.</p><p>tl;dr the whole crypto industry is an absolute clown car. a clown car that stores $1.4 billion in a single account that the entire C-suite can access.</p><p><a href="https://www.youtube.com/watch?v=W82FxAK9Acg" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=W82FxAK9Ac</span><span class="invisible">g</span></a></p><p><a href="https://universeodon.com/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://universeodon.com/tags/LazarusGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LazarusGroup</span></a> <a href="https://universeodon.com/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NorthKorea</span></a> <a href="https://universeodon.com/tags/DPRK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DPRK</span></a> <a href="https://universeodon.com/tags/crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>crypto</span></a></p>
⚯ Michel de Cryptadamus ⚯<p><a href="https://universeodon.com/tags/Bybit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bybit</span></a> released the conclusions of their investigation into how they got rekt for $1.4 billion by North Korea's <a href="https://universeodon.com/tags/LazarusGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LazarusGroup</span></a>. Summary:</p><p>1. (background) Bybit were dumb enough to store billions of dollars in a single wallet contract using software from a company called SafeWallet (a "Gnosis Safe")</p><p>2. A dev machine of SafeWallet (name is lol) was compromised by Lazarus and used to access SafeWallet's cloud data stores (S3)</p><p>3. malicious JavaScript was pushed to the cloud drive and eventually distributed in a release (?).</p><p>4. The malicious JavaScript code targeted specifically the Bybit contract address to change the content of the transaction during the signing / approval process.</p><p>* Bybit reports: <a href="https://docsend.com/view/s/rmdi832mpt8u93s7#" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docsend.com/view/s/rmdi832mpt8</span><span class="invisible">u93s7#</span></a><br>* Full Statement from SafeWallet: <a href="https://x.com/safe/status/1894768522720350673" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">x.com/safe/status/189476852272</span><span class="invisible">0350673</span></a></p><p>in a normal world Bybit could probably sue SafeWallet, but I'm sure SafeWallet barely exists as an entity.</p><p><a href="https://universeodon.com/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://universeodon.com/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://universeodon.com/tags/safewallet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>safewallet</span></a> <a href="https://universeodon.com/tags/gnosissafe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gnosissafe</span></a> <a href="https://universeodon.com/tags/ethereum" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ethereum</span></a> <a href="https://universeodon.com/tags/DPRK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DPRK</span></a> <a href="https://universeodon.com/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NorthKorea</span></a> <a href="https://universeodon.com/tags/crime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>crime</span></a> <a href="https://universeodon.com/tags/hackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackers</span></a> <a href="https://universeodon.com/tags/blackhat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blackhat</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload