Lazarus ByBit $1.4B heist was supply chain attack on developer

Three Buddy Problem - Episode 36: Ryan and Juanito join the show from the RE//verse conference with discussion on Natalie Silvanovic’s keynote on hunting for bugs in mobile messengers, the thrill of looking at exposed attack surfaces and the grueling “losses” bug hunters endure before a breakthrough. We also cover the latest on the $1.4 billion ByBit hack pinned on the Lazarus Group and the malicious JavaScript supply chain attack at the center of the cryptocurrency heist. Plus, the ethical gray zones of tethered exploits via Cellebrite, the whiplash of AI-driven threat intel, and the looming pivot in U.S. cyber policy signaling a stand-down on Russia-focused APT ops. Cast: Ryan Naraine, Costin Raiu and Juan Andres Guerrero-Saade.

Three Buddy Problem

March 1, 20251h 53m

Audio is streamed directly from the publisher (aphid.fireside.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Three Buddy Problem - Episode 36: Ryan and Juanito join the show from the RE//verse conference with discussion on Natalie Silvanovic’s keynote on hunting for bugs in mobile messengers, the thrill of looking at exposed attack surfaces and the grueling “losses” bug hunters endure before a breakthrough.

We also cover the latest on the $1.4 billion ByBit hack pinned on the Lazarus Group and the malicious JavaScript supply chain attack at the center of the cryptocurrency heist. Plus, the ethical gray zones of tethered exploits via Cellebrite, the whiplash of AI-driven threat intel, and the looming pivot in U.S. cyber policy signaling a stand-down on Russia-focused ops.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:

Topics

ByBitLazarusTraderTraitorNorth Koreacryptocurrencyhot walletCISARussiaCellebriteRussiaCyberCommand

← All episodes of Three Buddy Problem