Safe: The North Korean hacker group TraderTraitor is behind the Bybit theft incident

ChainCatcher news, Safe announced that its joint security investigation with Mandiant (now part of Google Cloud) has made significant progress and confirmed that the theft incident on Bybit on February 21 was perpetrated by the North Korean hacker group TraderTraitor, which has previously targeted the crypto industry multiple times.

The attackers compromised the laptop of a Safe{Wallet} developer and hijacked an AWS session token to bypass multi-factor authentication controls. This developer is one of the few with higher privileges to perform their duties.

Safe calls on the Web3 ecosystem to collectively address the increasingly complex security threats and to enhance the optimization of transaction verification tools to improve user security. The official team has released a detailed transaction verification guide and plans to further optimize the user experience to reduce potential risks.