Jason Jiang, CertiK’s Chief Business Officer, recently appeared on Cointelegraph’s podcast “The Agenda” for an in-depth discussion of Web3.0 security in the context of the Bybit incident. When $1.4 billion in assets evaporated overnight, it shocked not only the industry but every user who cares about the security of their digital wealth. It was not only the largest theft in the history of cryptocurrency; it also exposed risks hidden beneath the industry’s rapid growth.
As a leader in blockchain security, CertiK has never stopped analyzing such threats. After the Bybit incident, CertiK quickly conducted a technical analysis and pointed out the blind-signing problem at its core. During the conversation, Jason explained the causes of blind signing and recommended that users check a transaction’s destination address at least three times before approving it.
When THORChain validator nodes refused to roll back the transactions, Jason said bluntly, “We are like in the Wild West,” but he also emphasized that the Web3.0 industry can only mature by embracing regulation. Against hacks worth billions of dollars, a $4,000 bug bounty seems insignificant, and the industry urgently needs to confront its lack of security investment. After all, the golden age of Web3.0 should not be a carnival for hackers.
Below is the full report:
After Bybit’s $1.4 billion theft, a CertiK executive explains how to improve the security of crypto assets
In February, the Bybit hack sent shockwaves through the industry. North Korean hacker group Lazarus Group reportedly stole $1.4 billion worth of Ethereum-related tokens from the centralized exchange, making it the largest cryptocurrency theft in history.
The aftermath of the hack has raised many questions: What went wrong? Is your money safe? And what steps should be taken to prevent such an incident from happening again?
According to blockchain security firm CertiK, this massive theft accounted for about 92% of all losses in February, causing total cryptocurrency losses in February to surge nearly 1,500% from January.
In the 57th episode of Cointelegraph’s The Agenda podcast, hosts Jonathan DeYoung and Ray Salmond spoke with Jason Jiang, Chief Business Officer at CertiK, about how the Bybit hack occurred, the consequences of the exploit, and what users and exchanges can do to keep their cryptocurrencies safe.
After the Bybit theft, are crypto wallets still safe?
In short, Jason believes the Lazarus Group succeeded in its large-scale attack on Bybit because the official front-end script of Safe was tampered with and replaced by malicious code. Bybit used a Safe multi-signature wallet managed by three signers. The group then used the tampered front end to get those signers to approve malicious transactions that they believed were legitimate.
Does this mean that SafeWallet can no longer be trusted? Jason said it’s not that simple. “When the Safe developer’s computer was hacked, more information could have been leaked from that computer. But I think the likelihood of this happening to individual users is pretty low.”
He said there are several ways ordinary users can significantly improve the security of their cryptocurrency holdings, including storing assets in cold wallets and being wary of phishing attempts on social media.
When asked whether Ledger or Trezor hardware wallets could be exploited in a similar way, Jason again said that this is not a big risk for the average user, who just needs to do due diligence and be cautious with transactions.
“One of the reasons this incident happened is that the signer blindly signed the transaction instruction without seeing the complete address,” he added. “Always make sure that the address you are sending to is the address you really want to send to, especially when it comes to large transactions; you should confirm and check again and again.”
“I think after this incident, the industry will try to correct itself and improve, and promote transparency and easy identification of the signature process. Of course, there are many other lessons worth learning, but this is undoubtedly one of them.”
How to Prevent the Next Multi-Billion Dollar Exchange Hack?
Jason pointed out that the lack of comprehensive oversight and security measures may be one of the factors that allowed this incident to keep escalating. Earlier, some validator nodes of the cross-chain protocol THORChain had refused to roll back transactions or block the Lazarus Group from using the protocol to swap the stolen funds into Bitcoin, which fueled further debate in the industry about the limits of decentralization.
“Welcome to the Wild West,” Jason said. “This is our current reality.”
“In our view, if cryptocurrencies want to thrive, they need to embrace regulation,” he said. “In order to be more acceptable to the public, we need to proactively approach regulation and find ways to improve the safety of the industry.”
Jason praised Bybit CEO Ben Zhou for his response after the incident, but he also pointed out that the bug bounty program Bybit launched before the hack offered a reward of only $4,000. He said that although most cybersecurity practitioners are not motivated by money alone, raising bounty amounts would still help exchanges maintain stronger security.
When asked how exchanges and protocols can incentivize and retain top talent to secure their systems, Jason noted that security engineers don’t always get the recognition they deserve.
“A lot of people think that Tier 1 talent is going to development roles because that’s where they get the most reward,” he said. “But it’s also about whether we’re giving security engineers enough attention. They have a huge responsibility.”
“We should appropriately reduce the pressure on them and give them more recognition and incentives. Whether it is monetary rewards or honorary recognition, we should give them reasonable rewards within our capacity.”