# Bybit and Safe Custody Are at Odds on Who's to Blame for $1.5B Hack

In a developing scandal, cryptocurrency exchange Bybit has published a forensic review on last week's $1.5 billion hack, pointing fingers at compromised Safe wallet infrastructure. However, the debate surrounding responsibility for the heist continues, with both parties engaging in a heated exchange.

## The Forensic Review: Bybit's Findings

Bybit's review revealed that its systems had not been infiltrated and that the issue seemed to have stemmed from compromised Safe wallet infrastructure. According to Bybit, "the credentials of a Safe developer were compromised," which allowed the Lazarus hacking group to gain unauthorized access to the Safe wallet and subsequently deceive Bybit staff into signing the malicious transaction.

## The Counter-Narrative: Safe Custody's Perspective

However, a person familiar with the matter told CoinDesk that despite the wallet's infrastructure being compromised by social engineering, the hack would not have been possible had Bybit not "blind signed" the transaction. The term refers to a mechanism where a smart contract transaction is approved without comprehensive knowledge of its contents.

Safe Custody also issued a statement saying that "Safe smart contracts [were] unaffected," and that an attack was conducted by compromising a Safe developer machine which affected an account operated by Bybit. Furthermore, Safe pointed out that a "forensic review of external security researchers did NOT indicate any vulnerabilities in the Safe smart contracts or source code of the frontend and services."

## The Mirror of WazirX and Liminal Custody

The apparent back and forth between both companies mirrors that of WazirX and Liminal Custody, which blamed each other following a $230 million exploit last July. This incident highlights the ongoing issue of finger-pointing in the cryptocurrency industry when it comes to hacking incidents.

## The Lazarus Group's Laundering Scheme

On-chain data analyzed by ZachXBT shows that Lazarus is attempting to launder the stolen funds, with 920 wallets currently being tainted with the ill-gotten gains. The funds, perhaps inadvertently, have been commingled with stolen funds from hacks targeting Phemex and Poloniex, linking Lazarus Group to all three.

## The Consequences of the Hack

The $1.5 billion hack has sent shockwaves through the cryptocurrency industry, highlighting the need for greater cooperation and communication between exchanges and custodians. As Bybit declares "war on Lazarus," it is clear that the stakes are high, and the consequences of inaction will be severe.

Stay tuned for further updates as this story continues to unfold.