Listen to the episode on Apple Podcasts, Spotify, Pods, Fountain, Podcast Addict, Pocket Casts, Amazon Music, or on your favorite podcast platform.

Crypto derivatives exchange Bybit just became the latest victim of North Korea’s elite hacking unit, the Lazarus Group. They didn’t brute-force their way in. They didn’t exploit some obscure vulnerability. Instead, they tricked a trusted developer, slipped in malicious code, and took off with a fortune.

How did this happen? Why was $1.5 billion sitting in a single wallet? What mistakes did Bybit and Safe make? And, more importantly, what needs to change to stop this from happening again?

This week, Mudit Gupta, chief information security officer at Polygon, joins Unchained to expose the security failures, the sophisticated tactics Lazarus used, and why crypto still hasn’t learned its lesson.

Show highlights:

• Mudit’s experience with North Korea’s Lazarus
• How Lazarus perpetrated the $1.5 billion hack
• Why Lazarus relies on social engineering over technical exploits
• Why Bybit was so specifically targeted by the hackers
• What Bybit should have done to prevent the exploit
• Why Mudit believes there was “no reason” to hold so much ETH in one single wallet
• Who should be a signer in multisigs
• How to prevent using a malicious website
• Why Safe should have done things differently, according to Mudit
• How Bybit and Safe handled crisis communication
• Mudit’s must-know security tips for protecting your crypto

Thank you to our sponsors!

• Mantle

Guest

• Mudit Gupta, Chief Information Security Officer at Polygon

Links

• Recent coverage of Unchained on the Bybit hack:

• North Korean Hackers Are Winning. Is the Crypto Industry Ready to Stop Them?
• The Chopping Block: Crypto’s Worst Week? Bybit Hack, Libra Scandal, & The Memecoin Reckoning
• Bits + Bips: Markets Are Down Bad. When Will Crypto Recover?

• Unchained: Bybit Flows Return to ‘Normal’ After Biggest-Ever Crypto Hack
• Bybit Hack Forensics Report 
• “Safe{Wallet} Statement on Targeted Attack on Bybit “