The cryptocurrency security company Safe Wallet has confirmed its infrastructure was exploited during the recent $1.5bn Bybit hack. The breach stemmed from a compromised developer machine that processed a disguised malicious transaction.

"The forensic review of external security researchers did NOT indicate any vulnerabilities in the Safe smart contracts or source code of the frontend and services," Safe Wallet stated in its official announcement. The company emphasized that its underlying smart contract technology remained secure throughout the incident.

Safe Wallet has now restored services on the Ethereum mainnet through a phased approach. It claims to have rebuilt its infrastructure completely while rotating all credentials. Users have been advised to exercise extreme caution when signing transactions.

The company has launched an industry-wide initiative to improve transaction verification across the ecosystem. A comprehensive post-mortem report will be released once the investigation concludes.

The explanation has drawn criticism from prominent industry figures. Former Binance CEO Changpeng Zhao expressed significant skepticism about Safe Wallet's response.

"I usually try not to criticize other industry players, but I still do it once in a while. This update from Safe is not that great. It uses vague language to brush over the issues. I have more questions than answers after reading it," Zhao stated. He questioned several aspects of the security breach, including how attackers bypassed verification steps and why Bybit's address was specifically targeted.

Another security analyst confirmed that while the smart contract layer remained intact, attackers had manipulated the front end. "The security management model for huge/large assets needs a major upgrade," the analyst remarked. He described the incident as a classic supply chain attack and warned that similar infrastructure could be vulnerable.

The FBI has now officially attributed the Bybit hack to North Korea's Lazarus Group. The agency identified the operation as "TraderTraitor" in a public service announcement. "TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains. It is expected these assets will be further laundered and eventually converted to fiat currency," the FBI stated.

Federal authorities have published Ethereum addresses connected to the group. They have urged cryptocurrency service providers to block transactions linked to these addresses to prevent further laundering of the stolen funds.

Disclaimer: The information provided in this article is for educational purposes only and should not be considered financial or legal advice. Always conduct your own research or consult a professional when dealing with cryptocurrency assets.