KeyTakeaways:
CZ warns crypto exchanges about multi-sig chilly storage vulnerabilities after Bybit hack. Lazarus Group’s superior ways goal multi-sig techniques throughout a number of exchanges. CZ advises pausing withdrawals post-breach to restrict harm and restore consumer belief.
Changpeng Zhao (CZ), former Binance CEO, not too long ago expressed concern over hackers’ rising capability to focus on multi-sig chilly storage options on cryptocurrency exchanges. Following the large $1.4 billion hack on Bybit, CZ highlighted the rising dangers posed by hackers, particularly the Lazarus Group, a North Korean hacking group, and urged exchanges to take stronger measures to safeguard their chilly storage techniques.
Some ideas on the latest hack(s).
There’s a sample the place hackers had been in a position to steal massive quantities of crypto from multi-sig “chilly storage” options, as with ByBit, Phemex, WazirX and probably others. In the latest ByBit case, the hackers had been in a position to make the…
— CZ
BNB (@cz_binance) February 22, 2025
The Bybit hack on February 21 prompted a blow to the crypto group, with over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH), and different ERC-20 tokens stolen. This incident has raised alarms in regards to the vulnerability of multi-sig chilly storage wallets, a key safety measure many exchanges depend on to guard crypto property.
Lazarus Group Behind the Assaults
Cybersecurity specialists, together with Arkham Intelligence and ZachXBT, have traced the Bybit breach to the Lazarus Group. This group has gained notoriety for its superior hacking ways and talent to use varied vulnerabilities.
CZ’s concern is that the Lazarus Group efficiently infiltrated completely different exchanges, akin to Bybit, WazirX, and Phemex, regardless of every utilizing distinct multi-sig answer suppliers. This exhibits that the attackers have an distinctive understanding of various techniques and are probably concentrating on broader vulnerabilities throughout the multi-sig safety infrastructure.
Pausing Withdrawals to Comprise Harm
CZ additionally addressed how exchanges can mitigate the impression of such breaches. He proposed that exchanges ought to instantly pause withdrawals after detecting any breach. By halting withdrawals, exchanges can forestall additional losses, examine the breach, and decide which gadgets or techniques had been compromised.
Whereas this precaution might trigger customers to panic, CZ identified that Binance took related measures throughout its 2019 hack when it paused withdrawals for every week. Although initially alarming, this choice helped restore consumer confidence as soon as operations resumed and even led to extra deposits than withdrawals.
Along with his warnings, CZ pressured that exchanges should not underestimate the evolving menace panorama and will prioritize safety upgrades. He urged platforms to reassess their safety protocols constantly and stay vigilant towards potential assaults.
Whereas acknowledging that Bybit’s CEO, Ben Zhou, dealt with the disaster with transparency and composure, CZ criticized different exchanges like FTX and WazirX for his or her lack of openness, which solely compounded the problems.
