Fresh off addressing the rising tide of cyberattacks hitting the crypto world, Changpeng Zhao (CZ), the head honcho of Binance – the world’s biggest crypto exchange – weighed in with a closer look at the vulnerabilities plaguing major crypto platforms. CZ offered a detailed breakdown of the issues and shared some key security tips for both exchanges and their users.

CZ pointed to a worrying trend in recent hacks affecting several exchanges, namely mentioning ByBit, Phemex, and WazirX. What’s particularly alarming, he revealed, is that hackers successfully drained substantial amounts of crypto straight from multi-signature cold storage wallets.

Delving into the ByBit hack specifically, CZ explained that attackers cleverly tampered with the front-end, making everything appear normal while secretly substituting the real transaction underneath. While admitting he wasn’t as deep in the weeds with the other incidents, CZ noted from what he could see, they seemed to follow a similar playbook.

Adding another layer of concern, CZ emphasized that these targeted exchanges utilize different multi-signature solution providers. This hinted that the attacks weren’t just about exploiting one weak spot, but something more systemic. The culprits? Allegedly, the notorious Lazarus Group, known for their seriously sophisticated cyber skills. Whether they cracked in through compromised devices, snuck into servers, or used a combination of sneaky tactics – it’s still a puzzle.

Amidst all this uncertainty, CZ doubled down on Binance’s well-established security philosophy. He defended his often-given advice to immediately freeze all withdrawals after a security breach, presenting it as a vital safety net. While some might see it as overkill, CZ argued that hitting pause on withdrawals provides crucial breathing room for exchanges to dig deep, figure out exactly how they were hit, and fortify their defenses before getting back to business as usual.

Bringing it closer to home, CZ recalled Binance’s own brush with a $40 million hack back in 2019. They slammed the brakes on withdrawals for a whole week, and surprisingly, when things were back online, they saw *more* deposits flowing in than withdrawals – quite the opposite of what some feared! However, CZ stressed that no two situations are identical, and deciding to halt operations is a call that needs to be made based on the specifics at hand.

CZ tipped his hat to ByBit CEO Ben Zhou for his open and calm handling of the recent security hiccup. He drew a clear line between Zhou’s transparent approach and what he perceived as the “less-than-clear” responses from leaders at other exchanges, name-dropping WazirX and the now-kaput FTX. While he kept mum on WazirX due to ongoing legal stuff, he didn’t mince words about FTX, stating point-blank that their implosion was down to fraud, not just a security slip-up.