TechFlow news — On February 22, Binance founder Zhao Changpeng (CZ) shared detailed insights regarding recent hacking incidents: "We’ve observed a pattern where hackers are able to steal large amounts of cryptocurrency from multi-signature 'cold storage' solutions. Exchanges such as Bybit, Phemex, and WazirX have all experienced similar breaches. In the recent Bybit case, the hacker manipulated the front-end user interface to display legitimate transactions while the actual signed transaction was different. Based on limited information from other cases, it appears a similar technique may have been used."
"More concerning is that the affected exchanges used different multi-signature solution providers. The Lazarus Group has demonstrated extremely advanced and widespread infiltration capabilities. It remains unclear whether the hackers successfully compromised multiple signing devices, the server side, or both."
"Some have questioned my earlier suggestion—tweeted from a shuttle bus to the airport—that pausing withdrawals should be a standard security precaution. My intention was simply to share a practical approach based on experience and observation; there’s no absolute right or wrong here. My guiding principle has always been to err on the side of safety. After any security incident, operations should be paused immediately to ensure we fully understand what happened, how the system was breached, which devices were compromised, and only after triple-checking security, resume operations."
"Of course, suspending withdrawals might trigger further panic. In 2019, after suffering a major hack involving $40 million, we paused withdrawals for a week. When we resumed withdrawals (and deposits), incoming deposits actually exceeded withdrawals. This isn’t to say this method is better—each situation differs and requires judgment. I tweeted to share a potentially effective practice, intending timely support. I believe Ben made the best decision based on the information available at the time."
"Ben has maintained transparent communication and a calm demeanor while managing this challenging situation—sharply contrasting with CEOs of other exchanges lacking transparency, such as those at WazirX and FTX."
"The cases mentioned here are all different. FTX involved fraud. As for WazirX, due to ongoing litigation, I will not comment."
"Most importantly, we must never take security for granted. Understanding security is crucial so you can choose the right tools for your needs. To help, I’ll share an article I wrote several years ago. While somewhat outdated, the core concepts still apply. Stay safe (SAFU)!"
