Safe Wallet responds to bi-bit hacks with major security improvements

Safe traced the security loophole to the wallet UI, but Bybit closed the $1.4 billion gap and launched a bounty protocol to track bad actors.

Ethereum-based Crypto Wallet Protocol SAFE implemented “immediate security improvements” in its multi-SIG solution following the cyberattack on Dubai-based Exchange Bybit on February 21.

North Korean Lazarus stole over $1.4 billion in ether (ETH) from Bybit’s Ethereum Wallet by exploiting the vulnerability in the Safe Wallet UI. The infamous hacking group injected hostile JavaScript code, targeting Bybit in particular, and sucked up over 400,000 ETH.

To prevent further attacks, SAFE placed its wallet in lockdown mode before announcing a gradual rollout and reconfigured infrastructure.

You might like it too: Bitcoin CME Futures Gap expands $6K

Safe co-founder Martin Koeppelmann said the team developed and shipped 10 changes to the UI via a March 3rd X.com post. Protocol’s GitHub repository showed updates saying “Full RAW TX data is displayed in the UI” and “Remove certain direct hardware wallet support that caused security concerns.”

Bibit CEO Ben Zhou discussed the incident with host Kevin Follonier about a podcast that was happening with When Shift and explained that the attack occurred shortly after signing a deal to forward 13,000 ETH.

Zhou mentioned using a ledger hardware wallet, but noted that it is not possible to fully verify transaction details. This issue, known as “blind signs,” is a common vulnerability in multi-SIG crypto transactions. According to Koeppelmann, the latest updates to Safe are intended to provide signers with more detailed transaction data.

In response to a post from Kyber Network CEO Victor Tran about industry-wide security activities, Koeppelmann highlighted the importance of collaboration, but noted that immediate damage control remains a priority.

“We’re still in ‘fire extinguishing’ mode, but we need to gather behind it and improve the overall front-end and TX verification security,” Koeppelmann said, adding, “This is to solve it forever, in order for a lot of political parties to be involved.”

read more: Bibit $14 billion theft came from a compromised secure UI