Binance co-founder and former CEO Changpeng Zhao (CZ) warns of new hack patterns targeting multi-sig cold storage solutions in crypto exchanges.
New Hacking Tactics
In an X post, CZ pointed out how hackers penetrated the systems of multiple exchanges, such as Bybit, WazirX, and Phemex, stealing large amounts of crypto from their cold storage solutions.
The Bybit Attack Story
On February 21, crypto exchange Bybit experienced the largest hack in crypto history, losing over $1.4 billion in stETH, mETH, and other ERC-20 tokens. Blockchain security analysts like Arkham Intelligence and on-chain sleuth ZachXBT have linked the Bybit attack to the North Korean hacker organization, Lazarus Group. The hackers manipulated the front-end interface to display a legitimate transaction while the actual signed transaction was different.
Precautionary Measures by Changpeng Zhao
Zhao believes that pausing withdrawals after a security breach could help exchanges understand the situation and confirm safety before resuming operations. However, he acknowledged that this action might cause panic among traders. For instance, Binance paused withdrawals for a week in 2019 after losing $40 million, but deposits surpassed withdrawals after resuming operations.
Changpeng Zhao urged exchanges to remain vigilant about security and to consider some of the tips he wrote some years back to prevent such incidents.
