受损的开发人员机器是Bybit Hack的根本原因

Safe是Bybit使用的SafeWallet多符号产品的开发商，它发布了简短的验尸更新，该更新解释了最近的Bybit Hack的根本原因 - 遭受折衷的开发人员机器。

Safe, the developer of the SafeWallet multisignature product used by Bybit, has released a short post-mortem update explaining the root cause of the recent Bybit hack — a compromised developer machine. The announcement prompted a critical response from Binance co-founder Changpeng “CZ” Zhao.

Safe是Bybit使用的SafeWallet多符号产品的开发商，它发布了简短的验尸更新，该更新解释了最近的Bybit Hack的根本原因 - 遭受折衷的开发人员机器。该公告促使Binance联合创始人Changpeng“ CZ” Zhao做出了重要回应。

According to Safe, the forensic review of the Bybit hack did not find vulnerabilities in the Safe smart contracts or the code of its front end portal and services responsible for the $1.4 billion cybersecurity incident.

根据Safe的说法，对Bybit Hack的法医审查并未发现安全智能合约或其前端门户网站的守则和负责14亿美元网络安全事件的服务。

Martin Köppelmann, the co-founder of the Gnosis blockchain network, which developed Safe, noted that the compromised machine was modified to target the Bybit Safe and divert the transactions to a different hardware wallet.

Gnosis区块链网络的联合创始人马丁·科佩尔曼（MartinKöppelmann）开发了安全，他指出，妥协的机器已被修改以针对Bybit安全，并将交易转移到其他硬件钱包中。

“This update from Safe is not that great. It uses vague language to brush over the issues,” Zhao wrote in a Feb. 26 X post. Zhao also asked for clarification on the compromised developer machines, how the hackers tricked multiple signers into signing the transaction, how a developer machine accessed Bybit's systems, and why the hackers did not target other addresses.

“ Safe的更新并不是那么好。它使用模糊的语言来解决这些问题。”赵在2月26日x帖子中写道。赵还要求澄清受损的开发人员机器，黑客如何欺骗多个签名者签署交易，开发人员如何访问bybit的系统，以及为什么黑客没有针对其他地址。

Köppelmann added that he could only speculate about how the hackers pushed the fraudulent transactions past multiple signers and theorized that the threat actors did not target other addresses to prevent discovery and detection.A forensic review conducted by Sygnia and Verichains revealed on Feb. 26 that “the credentials of a Safe developer were compromised [...] which allowed the attacker to gain unauthorized access to the Safe(Wallet) infrastructure and totally deceive signers into approving a malicious transaction.”

科佩尔曼补充说，他只能推测黑客如何将欺诈性交易推向多个签名者，并理论上认为威胁行为者没有针对其他地址来防止发现和发现。Sygnia和Verichains进行的法医审查在26年2月26日揭示了“安全开发者的符合人的依据[...基础设施和完全欺骗签署者批准了恶意交易。”