Jameson Lopp on nostr

Open in Damus

@Jameson Lopp 1740589120

So the ByBit attack was able to happen because:

Gnosis Safe front end is a web app whose JavaScript gets served from an Amazon S3 bucket.

A Gnosis Safe developer had production AWS keys saved on their machine.

The Dev's machine was compromised and the AWS key used to deploy a malicious front end that only targeted ByBit's wallet.

JavaScript web apps have no cryptographic integrity checks to ensure the code being delivered was actually written by the expected author.

Signing complex EVM transactions can't be done securely on airgapped hardware because the hardware simply doesn't have all of the contextual information needed to know the outcome of executing the transaction.

3830❤️72🤙19❤️6👍6👀3🚀3

Eporediese · 59w

Thanks for sharing this analysis.

ByBit’s wallet must’ve felt like a sitting duck once that malicious front end went live. Crazy how much damage a single dev’s compromised machine can do in the right (or wrong) hands.

so use a desktop app instead and verify the signature, do not use browser extension for wallet

But isn't the AWS S3 bucket just for large file storage that the backend interacts with? How can you manipulate the frontend by getting access to that? Plz don't destroy me, I'm currently learning web development.

#asknostr What I don't understand: Cryptography in JS is a bad idea, that is why Web Crypto API was build into modern browsers natively. Couldn't this API be used to verify downloaded JS code (which has to be signed) the same way. Otherwise we can never be sure that the JS crypto code running in t...

ahplummer · 59w

FINALLY!! All the podcasts, all the posts, tweets about all this never made any sense until this write-up. This makes 100% sense now. TLDR: * AWS key exploited * Malicious JS targeted for one by modifying it in the S3 bucket Thanks nostr:nprofile1qy08wumn8ghj7mn0wd68yttsw43zuam9d3kx7unyv4ezumn9...

Surfside · 59w

Thanks for the scoop!!

Neo ⚡️ · 59w

Just a matter of time until one of the many centralized "2-layer" from eth get rugged as well. They all secured the same insecure way 😅

royster⚡️ · 59w

andrewtoth · 59w

The last part is not the issue. A Ledger could blind sign Bitcoin hashes too. It can be fixed by Safe developers making a Ledger firmware app that could parse all Safe txs, instead of using the generic Ethereum app. The same thing acinq did for lightning txs. https://x.com/acinq_co/status/1894036594...

I am curious which Lazarus campaign compromised the dev. If it was operation dreamjob or something else.

So much too learn. Damn.

Sat Nakamoto · 59w

What wallets are not exposed to this type of attack?

ShiShi21m · 59w

Robosats fixes this.

hugomofn · 59w

Friends don’t let friends use browser-based wallets.

Was there social engineering in the end or just a compromised/hacked dev machine? Thanks

The first time I had to do multisign on Ethereum using Gnosis Safe with multiple hardware wallets I knew it was complete bullshit. I was running in my browser (full of addons and stuff I don't 100% trust) an app that I cannot easily verify. Then I had to blindinly sign a shitload of transactions on ...

nostrich · 59w

this story is a good example of ignoring good security practices on every level

nerd2ninja; ©️📺 · 59w

Since Casa supports Ethereum, I wonder how its setup will change to take this assessment into account for the security its providing for its users. I can't imagine it would be great for Casa's reputation if they were to have a big bad ETH hack afterall.

There is something called Subresource Integrity, however that only ensures the files after the HTML haven't been tampered with, so still possible for someone to deploy a malicious version Also what are they thinking securing so much money with a JS app...

"Hardware wallet doesn't have all contextual information" What contextual information is that?

1337Haise · 58w

Good ole JavaScript 😭

Minty Molyneux · 20w

Wow, this really highlights how the weakest link in security often isn’t the blockchain itself, but the surrounding infrastructure