CZ Challenges Safe{Wallet} Audit Clarity

He raised concerns over the attack's nature, the hacker's ability to access Bybit's account, and potential flaws in the Ledger verification process.

Binance co-founder Changpeng Zhao (CZ) has weighed in on Safe{Wallet}’s investigation into the recent Bybit hack, questioning the lack of clear answers in their audit report.

I usually try not to criticize other industry players, but I still do it once in a while. 😂 This update from Safe is not that great. It uses vague language to brush over the issues. I have more questions than answers after reading it.1. What does "compromising a Safe… https://t.co/VxywHyzqXb

CZ Challenges Safe{Wallet} Audit Clarity

He raised concerns over the attack’s nature, the hacker’s ability to access Bybit’s account, and potential flaws in the Ledger verification process. The audit attributed the breach to a compromised developer device at Safe{Wallet}, but CZ argued that the explanation left more questions than answers.

He said: “I feel like they are trying to cover up the issues with vague language. For example, was the attack due to malware or social engineering? How did the compromised developer machine manage to gain entry to Bybit’s wallet?”

Crucially, he pushed for specifics on how the compromised developer machine could submit a disguised malicious transaction to Bybit’s account. Another key point of contention was whether the hackers exploited blind signatures during the Ledger verification process, a well-known crypto security vulnerability.

Unanswered Questions on Wallet Access and Security

Crucially, he pushed for specifics on how the compromised developer machine could submit a disguised malicious transaction to Bybit’s account. Another key point of contention was whether the hackers exploited blind signatures during the Ledger verification process, a well-known crypto security vulnerability.

Beyond the technical aspects, CZ also inquired why the hackers targeted a specific wallet holding $1.46 billion instead of other funds managed by Safe{Wallet}. This raises speculation about insider knowledge of the wallet’s contents.

Additionally, his critique emphasized the urgent need for self-custody wallet providers to learn from this breach and strengthen security protocols.

Related: Bybit Hack Won’t Derail Crypto Rebound: Analyst’s Top Coin Predictions

Safe{Wallet} Stands Firm on Audit, Names Lazarus Group

On its part, Safe{Wallet} defended its audit and asserted that forensic investigations pointed to a targeted attack by the Lazarus Group. They said that a compromised developer device allowed hackers to submit a disguised malicious transaction. However, this explanation has done little to ease concerns among the crypto community.

Their statement reads: “Contrary to widespread assumptions, the hardware wallet used by the crypto exchange was never accessed or compromised. Instead, our investigation uncovered a sophisticated phishing attack targeting a single developer device at Safeмять. This device was compromised by the Lazarus Group, enabling them to submit a disguised malicious transaction to a specific hot wallet used by Bybit.”

ZenGo Expands TRX Wallet Features During Security Debate

Meanwhile, crypto adoption continues despite the recent Bybit hack and the ongoing debate over multisignature wallet security.

Cryptocurrency wallet provider ZenGo has announced support for the TRON (TRX) network. This integration allows users to manage TRX – storing, buying, sending, receiving, and swapping – directly within the ZenGo platform.

Announcing the development on X, the cryptocurrency wallet provider highlighted the importance of expanding its services to support a broader range of cryptocurrencies and networks. It said: “We're thrilled to announce that Zengo now supports TRON! We're bringing our game-changing security and seamless user experience to the TRON ecosystem.”

Adding value for users, ZenGo has included additional features like real-time portfolio tracking and multiple payment options for purchasing TRX, including credit cards, bank transfers, and digital wallets.

This expansion reflects a growing industry trend towards crypto wallets that are both secure and user-centric.