PH Developer on Bybit Hack: A Classic Case of Social Engineering

Paul Soliman, the chief executive officer of BayaniChain, explained how the recent hack of cryptocurrency platform Bybit is a classic example of a social engineering scheme.

How Did the Bybit Hack Happen?

The Bybit hack, one of the largest in crypto history, resulted in the theft of $1.46 billion.

Arkham Intelligence revealed that hackers from North Korea’s Lazarus Group tricked Bybit’s security team using a fake UI, making them unknowingly approve a malicious transaction. This granted the attackers control over an Ethereum cold wallet, allowing them to transfer all its funds. (Read more: Bybit Hack Update Timeline: North Korea’s Lazarus Group Responsible for Largest Crypto Hack in History)

The breach exposed vulnerabilities in multi-sig cold storage and highlighted the need for better security measures.

Why the Bybit Hack Is a Classic Social Engineering Scheme

Paul Soliman of Bayanichain and Prismo (LinkedIn)

“This wasn’t about blockchain breaking—it was a classic social engineering game. The tech held up; the people didn’t. Old-school deception, modern stakes.”

Paul Soliman, CEO, Bayanichain

According to him, the Bybit hack was a textbook social engineering attack and not a blockchain failure.

Soliman highlighted how the hack was made possible in three steps:

Social Engineering

He stressed that the attackers used classic social engineering, likely phishing or a fake UI, to trick Bybit’s team into signing a fake transaction—exploiting human error, not blockchain flaws.

Exploit

According to him, the attackers used a fake interface to replace the real transaction with a malicious one, deceiving the wallet signers.

Act

Finally, Soliman noted that the attackers completed the scam by using the signed transaction to transfer funds. The blockchain worked as intended, and he stressed that the real weakness was human error.

Nonetheless, Soliman highlighted that he does not blame Bybit, as “cybersecurity is really hard.”

Could It Have Been Stopped?

A Forbes article highlighted that the Bybit hack could have been prevented with stronger security measures.

Binance co-founder and former CEO Changpeng “CZ” Zhao pointed out that the attack exploited multi-sig cold storage vulnerabilities, which is similar to previous hacks by North Korea’s Lazarus Group.

  • CZ, as well as enterprise-grade platform Fireblocks, warned that multi-sig vulnerabilities are a systemic issue, not provider-specific.
  • Fireblocks suggests that switching to Distributed Multi-Party Computation (MPC) wallets can enhance signing security.
  • According to them, these wallets distribute key fragments, which is safer than depending on multiple signature providers who could be compromised.

Ledger CEO Pascal Gauthier emphasized the need for Clear Signing to prevent blind signing, ensuring users fully verify transactions before approval.

  • He also stressed the need for enterprise-grade security for large transactions and encouraged the adoption of hardware-based verification for added security.
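
To make the clear-signing idea concrete, here is an added example (not from the article or from any vendor's code) of a pre-signing gate that decodes the raw payload itself instead of trusting what an interface displays. It assumes a standard ERC-20 `transfer(address,uint256)` call, and the `INTENT` record and sample addresses are constructed for illustration; the article does not say what kind of transaction was signed in the Bybit case.

```python
# Added illustration: a minimal "clear signing" gate for ERC-20 transfers.
KNOWN_SELECTORS = {"a9059cbb": "transfer(address,uint256)"}  # standard ERC-20 selector

def decode_calldata(calldata_hex):
    """Decode raw calldata into human-readable fields, or raise if it is opaque."""
    data = bytes.fromhex(calldata_hex.removeprefix("0x"))
    selector = data[:4].hex()
    if selector not in KNOWN_SELECTORS:
        raise ValueError(f"unknown selector {selector}: would be blind signing")
    args = data[4:]
    if len(args) != 64:
        raise ValueError("unexpected argument length")
    if any(args[:12]):
        raise ValueError("address word has non-zero padding")
    return {
        "function": KNOWN_SELECTORS[selector],
        "to": "0x" + args[12:32].hex(),
        "amount": int.from_bytes(args[32:64], "big"),
    }

def review_before_signing(calldata_hex, intent):
    """Return (ok, reasons). `intent` is what the operator meant to approve,
    obtained out of band rather than from the UI that built the payload."""
    try:
        decoded = decode_calldata(calldata_hex)
    except ValueError as exc:
        return False, [str(exc)]
    reasons = []
    if decoded["to"] != intent["to"].lower():
        reasons.append(f"recipient mismatch: payload pays {decoded['to']}")
    if decoded["amount"] != intent["amount"]:
        reasons.append(f"amount mismatch: payload moves {decoded['amount']}")
    return not reasons, reasons

def build_transfer(to, amount):
    """Helper that builds constructed sample calldata for the checks below."""
    return "0x" + "a9059cbb" + to[2:].lower().rjust(64, "0") + format(amount, "064x")

# Constructed sample data: placeholder addresses, not real accounts.
INTENT = {"to": "0x" + "11" * 20, "amount": 1_000}
HONEST = build_transfer(INTENT["to"], 1_000)       # matches what the signer intended
SWAPPED = build_transfer("0x" + "22" * 20, 1_000)  # same amount, different recipient
OPAQUE = "0xdeadbeef" + "00" * 64                  # cannot be decoded, so never signed

if __name__ == "__main__":
    for name, payload in [("honest", HONEST), ("swapped", SWAPPED), ("opaque", OPAQUE)]:
        print(name, review_before_signing(payload, INTENT))
```

The gate fails closed: a payload it cannot decode is rejected rather than passed to the signer, which is the difference between clear signing and blind signing.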

This article is published on BitPinas: PH Developer on Bybit Hack: A Classic Case of Social Engineering
