Safe {Wallet} updates progress of investigation into hacking incident, confirms North Korean hacker group Trader Raitor as mastermind behind it

The multi signature wallet Safe {Wallet} has announced that it has made critical progress in its security investigation with Mandiant (now part of Google Cloud) and confirmed that the attack on February 21 was carried out by the North Korean hacker group Trader Raitor (UNC4899), which has previously launched multiple attacks against the cryptocurrency industry. Hackers gained critical access by infiltrating the computers of Safe {Wallet} developers and hijacking AWS session tokens to bypass multiple factor authentication (MFA). Safe {Wallet} emphasizes that despite the impact of the attack, the smart contract has not been compromised, the system has been fully reset, and stricter security measures have been implemented, including: Infrastructure reset: regenerate all credentials, reset the cluster, update keys and confidential information, and redeploy container images. External access restrictions: temporarily block external access to transaction services, only allow internal communication, and strengthen firewall rules. Malicious transaction detection upgrade: Collaborate with Blockaid to strengthen transaction monitoring and increase risk markers for Safe account master upgrades. Real time monitoring enhancement: Improve logging and threat detection capabilities for faster response to security incidents. Pending transaction cleanup: Clear all pending transactions from the database to prevent potential security risks. Optimize UI and security verification tools: Introduce Safe Utils as a third-party transaction verification tool, and plan to provide a fully IPFS hosted version of Safe {Wallet}. Safe {Wallet} calls on the Web3 ecosystem to jointly address increasingly complex security threats and strengthen the optimization of transaction verification tools to enhance user security. The official has released detailed transaction verification guidelines and plans to further optimize the user experience to reduce potential risks.