A Manhattan federal judge has cleared the way for Aave’s recovery effort to move forward after last month’s North Korea-linked rsETH exploit, allowing $71 million in frozen ether to be transferred out of Arbitrum while preserving North Korean terrorism victims’ legal claim on the funds. In a two-page order published late Friday U.S. time, Judge […]
Lawyers seeking to seize $71 million in frozen ether for victims of North Korean terrorism changed their legal strategy Tuesday, arguing in a new court filing that the April 18 rsETH exploit was not theft but fraud, directly countering Aave’s attempt to void a restraining notice blocking the release of the assets. In a 30-page […]
A breach at web infrastructure provider Vercel is forcing crypto teams to rotate API keys and do a deep inspection of their underlying code. In a bulletin, Vercel said the hacker was able to grab behind-the-scenes settings that weren’t locked down, potentially exposing API keys — the digital credentials apps use to connect to other […]
Ilya Lichtenstein, who was sentenced to five years in prison in November 2024 after pleading guilty to charges tied to the 2016 Bitfinex cryptocurrency exchange hack, was released from prison after just 14 months behind bars. “Thanks to President [Donald] Trump’s First Step Act, I have been released from prison early,” Lichtenstein said on X […]
Lessons from the Bybit Hack
Categories
The recent security breach for around $1.5 billion at Bybit, the world’s second-largest cryptocurrency exchange by trading volume, sent ripples through the digital asset community. With $20 billion in customer assets under custody, Bybit faced a significant challenge when an attacker exploited security controls during a routine transfer from an offline “cold” wallet to a […]
Cryptocurrency exchange Bybit has published a forensic review on last week’s $1.5 billion hack, revealing that its systems had not been infiltrated and that the issue seemed to have stemmed from compromised Safe wallet infrastructure. Bybit concluded from the review that “the credentials of a Safe developer were compromised,” which allowed the Lazarus hacking group […]