CZ挑戰安全{Wallet}審核清晰度

他對襲擊的性質，黑客訪問Bybit帳戶的能力以及分類帳驗證過程中的潛在缺陷表示擔憂。

Binance co-founder Changpeng Zhao (CZ) has weighed in on Safe{Wallet}’s investigation into the recent Bybit hack, questioning the lack of clear answers in their audit report.

Binance聯合創始人Changpeng Zhao（CZ）對安全{Wallet}對最近的Bybit Hack進行了調查，質疑其審計報告中缺乏明確的答案。

I usually try not to criticize other industry players, but I still do it once in a while. 😂 This update from Safe is not that great. It uses vague language to brush over the issues. I have more questions than answers after reading it.1. What does "compromising a Safe… https://t.co/VxywHyzqXb

我通常會盡量不要批評其他行業參與者，但我仍然偶爾這樣做。 😂SACE的更新並不是那麼好。它使用模糊的語言來解決問題。閱讀後，我比答案有更多的問題。1。 “妥協安全……https：//t.co/vxywhyzqxb

CZ Challenges Safe{Wallet} Audit Clarity

CZ挑戰安全{Wallet}審核清晰度

He raised concerns over the attack’s nature, the hacker’s ability to access Bybit’s account, and potential flaws in the Ledger verification process. The audit attributed the breach to a compromised developer device at Safe{Wallet}, but CZ argued that the explanation left more questions than answers.

他對襲擊的性質，黑客訪問Bybit帳戶的能力以及分類帳驗證過程中的潛在缺陷表示擔憂。審計將違規行為歸因於安全{Wallet}的受損開發人員設備，但CZ認為，解釋留下的問題多於答案。

He said: “I feel like they are trying to cover up the issues with vague language. For example, was the attack due to malware or social engineering? How did the compromised developer machine manage to gain entry to Bybit’s wallet?”

他說：“我覺得他們正試圖用模糊的語言掩蓋問題。例如，是由於惡意軟件或社會工程而引起的攻擊？受損的開發人員如何設法進入Bybit的錢包？”

Crucially, he pushed for specifics on how the compromised developer machine could submit a disguised malicious transaction to Bybit’s account. Another key point of contention was whether the hackers exploited blind signatures during the Ledger verification process, a well-known crypto security vulnerability.

至關重要的是，他推動了有關受損開發人員如何將偽裝的惡意交易提交給Bybit帳戶的詳細信息。另一個關鍵要點是，黑客在分類帳驗證過程中是否利用了盲目簽名，這是一個眾所周知的加密安全脆弱性。

Unanswered Questions on Wallet Access and Security

關於錢包訪問和安全性的未解決問題

Crucially, he pushed for specifics on how the compromised developer machine could submit a disguised malicious transaction to Bybit’s account. Another key point of contention was whether the hackers exploited blind signatures during the Ledger verification process, a well-known crypto security vulnerability.

至關重要的是，他推動了有關受損開發人員如何將偽裝的惡意交易提交給Bybit帳戶的詳細信息。另一個關鍵要點是，黑客在分類帳驗證過程中是否利用了盲目簽名，這是一個眾所周知的加密安全脆弱性。

Beyond the technical aspects, CZ also inquired why the hackers targeted a specific wallet holding $1.46 billion instead of other funds managed by Safe{Wallet}. This raises speculation about insider knowledge of the wallet’s contents.

除技術方面外，CZ還詢問了為什麼黑客瞄準了一個持有14.6億美元的特定錢包，而不是由安全{Wallet}管理的其他資金。這引起了人們對錢包內容的內部知識的猜測。

Additionally, his critique emphasized the urgent need for self-custody wallet providers to learn from this breach and strengthen security protocols.

此外，他的批評強調了迫切需要自我顧客錢包提供者從這種違規行為中學習並加強安全協議。

Related: Bybit Hack Won’t Derail Crypto Rebound: Analyst’s Top Coin Predictions

相關：Bybit Hack不會使加密貨幣反彈出軌：分析師的頂級硬幣預測

Safe{Wallet} Stands Firm on Audit, Names Lazarus Group

安全{Wallet}堅定地審計，名稱Lazarus Group

On its part, Safe{Wallet} defended its audit and asserted that forensic investigations pointed to a targeted attack by the Lazarus Group. They said that a compromised developer device allowed hackers to submit a disguised malicious transaction. However, this explanation has done little to ease concerns among the crypto community.

就其部分而言，Safe {Wallet}捍衛了其審計，並斷言法醫調查指出了Lazarus集團的目標攻擊。他們說，受損的開發人員設備允許黑客提交偽裝的惡意交易。但是，這種解釋並沒有做出任何努力來緩解加密貨幣社區的關注。

Their statement reads: “Contrary to widespread assumptions, the hardware wallet used by the crypto exchange was never accessed or compromised. Instead, our investigation uncovered a sophisticated phishing attack targeting a single developer device at Safeмять. This device was compromised by the Lazarus Group, enabling them to submit a disguised malicious transaction to a specific hot wallet used by Bybit.”

他們的陳述寫道：“與廣泛的假設相反，加密交易所使用的硬件錢包從未被訪問或妥協。取而代之的是，我們的調查發現了針對Safephim的單個開發人員設備的複雜網絡釣魚攻擊。 Lazarus組妥協了該設備，使他們能夠將偽裝的惡意交易提交給Bybit使用的特定熱錢包。”

ZenGo Expands TRX Wallet Features During Security Debate

Zengo在安全性辯論期間擴展了TRX錢包功能

Meanwhile, crypto adoption continues despite the recent Bybit hack and the ongoing debate over multisignature wallet security.

同時，儘管最近發生的拜百比·哈克（Bybit Hack）以及關於多符號錢包安全性的持續辯論，加密採用仍在繼續。

Cryptocurrency wallet provider ZenGo has announced support for the TRON (TRX) network. This integration allows users to manage TRX – storing, buying, sending, receiving, and swapping – directly within the ZenGo platform.

加密貨幣錢包提供商Zengo宣布了對TRON（TRX）網絡的支持。這種集成使用戶可以直接在Zengo平台內管理TRX（存儲，購買，發送，接收和交換）。

Announcing the development on X, the cryptocurrency wallet provider highlighted the importance of expanding its services to support a broader range of cryptocurrencies and networks. It said: “We're thrilled to announce that Zengo now supports TRON! We're bringing our game-changing security and seamless user experience to the TRON ecosystem.”

加密貨幣錢包提供商宣布X上的開發項目強調了擴大其服務以支持更廣泛的加密貨幣和網絡的重要性。它說：“我們很高興地宣布Zengo現在支持Tron！我們將改變遊戲的安全性和無縫用戶體驗帶入TRON生態系統。”

Adding value for users, ZenGo has included additional features like real-time portfolio tracking and multiple payment options for purchasing TRX, including credit cards, bank transfers, and digital wallets.

為用戶增加價值，Zengo還提供了其他功能，例如實時投資組合跟踪以及購買TRX的多個付款選項，包括信用卡，銀行轉讓和數字錢包。

This expansion reflects a growing industry trend towards crypto wallets that are both secure and user-centric.

這種擴展反映了既安全又以用戶為中心的加密錢包的行業趨勢不斷增長。