- Bybit lost $1.4 billion worth of Ethereum in a massive security breach.
- Adam Back blamed Ethereum’s Virtual Machine for enabling the hack.
- He criticized EVM’s complexity for making transactions vulnerable to exploits.
Bybit suffered a major security breach, losing $1.4 billion worth of Ethereum in an attack that shocked the crypto industry. Adam Back, CEO of Blockstream and a well-known figure in the Bitcoin community, blamed Ethereum’s Virtual Machine (EVM) for the hack. He argued that the complexity of EVM allowed hackers to manipulate the transaction process and drain the exchange’s Ethereum cold wallet.
Adam Back Slams EVM as Key Reason for Hack
Adam Back criticized the Ethereum Virtual Machine, stating that its complexity made it easier for attackers to exploit vulnerabilities. He pointed out that Ethereum’s transaction structure is difficult to verify, making blind signing a significant risk. He emphasized that this flaw enabled hackers to deceive Bybit’s security systems and access its assets.
Back highlighted that hardware wallets like Ledger struggle to process Ethereum transactions due to their low processing power. He explained that these wallets cannot fully interpret Ethereum’s intricate smart contracts, leading to security weaknesses. As a result, blind signing becomes necessary, increasing the risk of unauthorized transactions.
When the breach occurred, Bybit transferred $100 million worth of Ethereum from its cold wallet to a hot wallet. Hackers used blind signing and manipulating the smart contract to execute fraudulent transactions and drain Ethereum before security measures could intervene.
Hardware Wallets Struggle with EVM Complexity
Back noted that hardware wallets cannot fully verify Ethereum’s smart contract executions. He stressed that the complexity of EVM scripts makes it nearly impossible for hardware wallets to provide robust security. This creates an environment where attackers can exploit blind signing to carry out fraudulent transactions.
According to Back, Bitcoin transactions do not face similar issues because of their simpler structure. He argued that Bitcoin’s security model prevents the vulnerabilities seen in Ethereum-based transactions. He suggested that the Bybit hack reinforces Bitcoin’s dominance and highlights Ethereum’s inherent risks.
The attack has reignited debates about the security of Ethereum’s ecosystem. Some Bitcoin advocates, including Samson Mow, sarcastically suggested rolling back Ethereum’s blockchain to recover funds. However, Ethereum developers clarified that the transaction was valid under Ethereum’s protocol, making a rollback impossible.
Bybit Responds and Closes Liquidity Gap
Bybit confirmed that it had addressed the liquidity gap caused by the hack. The exchange assured users it had implemented additional security measures to prevent future breaches. While investigations continue, Bybit has not disclosed specific details about the steps taken to improve its security.
Authorities suspect the notorious North Korean hacking group Lazarus to be responsible for the attack. This group has been linked to several high-profile crypto thefts in recent years. The hack has once again raised concerns about cybersecurity in the crypto industry and the risks associated with complex blockchain ecosystems.
Despite the controversy, Ethereum developers have defended the protocol, stating that all transactions followed Ethereum’s established rules. Meanwhile, Bitcoin supporters continue highlighting the importance of simplicity and security in blockchain technology. The Bybit hack has intensified discussions on the reliability of different blockchain networks and their ability to withstand sophisticated cyberattacks.