Their methods include: ⟜ Social engineering—tricking employees into handing over access. ⟜ Phishing attacks—stealing login credentials. ⟜ Malicious smart contracts—manipulating transactions. Here’s how they pulled off the latest hack Bybit’s ETH was in a multi-signature cold wallet—the safest way to store funds. To move money, you need multiple signers to approve transactions. Lazarus never needed to hack Bybit’s servers or get their passwords. They let the signers do all the work for them. Step 1: The hackers mirrored Bybit’s signing interface. The transaction looked normal. It showed the right recipient address. The amount was what the signers expected. But behind the scenes, the contract logic was different. Step 2: The moment signers approved the transaction, they weren’t just transferring ETH. They changed the wallet’s contract code. Suddenly, the hackers had full control over Bybit’s cold wallet. Bybit’s own security team had handed them the keys.