So here’s something that’s been keeping me up at night. In the last year and a half, a specific group of hackers, widely believed to be North Korea’s Lazarus group, has managed to pull off a series of breathtaking crypto heists. The total? A staggering $1.75 billion. And the crazy part is, they keep using the exact same trick to do it.
It feels like everyone’s been scrambling for a solution, something incredibly complex to match the scale of the problem. But what if the answer is actually pretty straightforward? Maybe it is. A security researcher, Daniel Von Fange, recently laid out an idea that seems almost too simple. It’s not about building a bigger wall; it’s about adding a single, crucial step to a process everyone already uses.
The Multisig Weakness
Right, so first, what’s a multisig wallet? It’s designed to be super secure. Instead of one person holding the keys, a transaction needs multiple approvals from different trusted people. The idea is that even if one person gets hacked, the funds are still safe. It’s a good system, in theory.
But Lazarus found the flaw. They don’t break the security; they trick the people. They get several members of a team to approve a transaction they think is legitimate. It might look like a routine transfer or an operational update. By the time the signatures are collected, the hackers have effectively hijacked the entire wallet. The game is already over.
The results have been brutal. WazirX lost $230 million. Radiant Capital was hit for $50 million. And then, the absolute whopper: ByBit’s staggering $1.5 billion loss back in February. The methods vary—sometimes it’s a spoofed website that looks real, other times it’s malware on a developer’s computer. The end result is always the same.
A Potential Lifeline
The typical response has been to tell people to be more careful. To double-check those transaction details on their hardware wallets. And that’s important, sure. But Von Fange points out a grim reality: by the time those signatures hit the blockchain, it’s too late. The attackers might have collected them weeks ago.
His proposal, which he cooked up with some folks from Optimism and Security Alliance, is to insert a pause. A kind of final sanity check. After a transaction gets all its necessary approvals, it wouldn’t execute immediately. Instead, it would enter a brief waiting period. This gives the team one last chance to look at it and, if something smells fishy, hit an undo button before any money moves.
It’s not a magic bullet, and he’d be the first to admit that. He’s basically asking a few big projects, the ones with the most to lose, to just try it out. To see if this simple change in the workflow can actually stop the bleeding.
His final point is a chilling one. He says there are clever, evil people right now, inside companies’ systems, just waiting to do this again. And maybe, with a change this simple, we could actually save a billion dollars. It’s hard to argue with that.
