Bybit Hack Sparks Crypto Security Debate as CZ Questions Safe’s Security Flaws

Safe, a popular multi-signature wallet provider, recently experienced a significant security breach, prompting criticism from Binance founder Changpeng Zhao (CZ). In a series of tweets, CZ questioned Safe's vague explanation of the incident, leaving many unanswered questions about how the attack was carried out.

Anny Sam
February 27, 2025
10:17 am

Anny Sam

Anny is a skilled crypto writer, delivering clear, engaging content that simplifies complex blockchain concepts for a broad audience.

Binance founder CZ criticized Safe for using unclear language in its update on the security breach.
The attack targeted a developer machine, raising questions about how it accessed Bybit-operated accounts.
CZ denied Binance’s involvement with Safe for Asset Storage and emphasized the need for stronger security measures.

Safe, a popular multi-signature wallet provider, recently experienced a significant security breach, prompting criticism from Binance founder Changpeng Zhao (CZ). In a series of tweets, CZ questioned Safe’s vague explanation of the incident, leaving many unanswered questions about how the attack was carried out.

I usually try not to criticize other industry players, but I still do it once in a while. 😂

This update from Safe is not that great. It uses vague language to brush over the issues. I have more questions than answers after reading it.

1. What does "compromising a Safe… https://t.co/VxywHyzqXb
— CZ 🔶 BNB (@cz_binance) February 26, 2025

Safe’s Security Breach Raises Concerns

Safe reported that a development machine had been breached, providing hackers with a doorway into a cryptocurrency platform operator account held by Bybit. The way in which it was achieved is currently not known. CZ queried a lack of transparency about how hackers gained entry into that specific machine, whether social engineering, malware, or another channel.

thank @cz_binance
1) The interface was compromised – there was no bug in the interface code but instead they got access to the server via a compromised developer machine.

2) The interface was modified spcifically targeting the Bybit Safe. So when Bybit would do a transaction -…
— koeppelmann.eth 🦉💳 (@koeppelmann) February 26, 2025

Another important question CZ raised included compromised machines’ ability to drop code directly into production. CZ questioned whether hackers’ level of access was made viable by Safe’s security measures as well as whether necessary verification measures had been evaded. CZ also questioned Ledger’s security measures in terms of how hackers got around multi-signature measures.

Binance Distances Itself While Calling for Stronger Security

Responding to speculation regarding Binance’s participation, CZ categorically refuted that the platform utilized Safe in storing its assets. CZ again confirmed that Binance is autonomous in its operation with stringent security measures.

CZ also observed the scale of breach, questioning whether targeted wallet Bybit Safe held $1.4 billion worth of assets and why hackers specifically targeted that wallet as opposed to another. CZ speculated that hackers went out of their way not to be seen over a very long timeframe in order not to alert security personnel before unleashing their assault.

To prevent similar accidents in the future, CZ promoted enhanced measures in terms of security. CZ proposed enhanced validation of Safe transactions on hardware wallets, a professional co-signing feature, as well as wallet interface diversification in a bid not to be over-dependent on a single point.

While Safe hasn’t made full explanations, the incident triggered a buzz in the cryptocurrency space regarding risks involved in self-custody wallets as well as a requirement for additional measures in terms of security. The incident is also a reminder that sometimes even reliable platforms can be compromised, which highlights the need for ongoing vigil in the cryptocurrency space.