Safe’s internal investigation reveals developer’s laptop breach led to Bybit hack

Article

Name

Safe’s internal investigation reveals developer’s laptop breach led to Bybit hack

Types

Tags

Source maintained by Catalin

Web URL

https://cryptoslate.com/safes-internal-investigation-reveals-developers-laptop-breach-led-to-bybit-hack/

Referenced by

SafeWallet released detailed report on Bybit hack

Crypto news

Mandiant identified three additional UNC4899-linked domains used in the Safe attack. These domains, also registered via Namecheap, appeared in AWS network logs and Developer1’s workstation logs, indicating broader infrastructure exploitation.

Crypto news

Additionally, the report revealed that the attackers used ExpressVPN to mask their origins while conducting operations. It also highlighted that the attack resembles previous incidents involving UNC4899, a threat actor associated with TraderTraitor, a criminal collective allegedly tied to DPRK.

Crypto news