To bypass this restriction, they hijacked active AWS user session tokens through malware planted on Developer1’s workstation. This allowed unauthorized access while AWS sessions remained active.

  • Quote

Name

To bypass this restriction, they hijacked active AWS user session tokens through malware planted on Developer1’s workstation. This allowed unauthorized access while AWS sessions remained active.

Types

Quote

Sources

Safe’s internal investigation reveals developer’s laptop breach led to Bybit hack

Referenced by

SafeWallet’s analysis alleged that attackers linked to North Korea registered malicious domains and utilized malware to facilitate the Bybit hack

Crypto news

Claim

SafeWallet’s report stated that attackers bypassed SafeWallet’s AWS multifactor authentication by hijacking active AWS session tokens probably from a compromised developer’s workstation

Crypto news

Claim