SlowMist: If Bybit is upgraded to version 1.3.0 and the Guard mechanism is properly configured, it may avoid a loss of $1.5 billion

According to the analysis of the SlowMist security team, on February 21st, Bybit's multi signature wallet was attacked, and nearly $1.5 billion in assets were stolen through a "legitimate signature" transaction. Attackers use social engineering methods to obtain multi signature permissions and implant malicious logic through the delegatecall function of Safe contracts, bypassing the multi signature verification mechanism to complete fund transfers. After version 1.3.0, Safe Wallet introduced the Safe Guard mechanism, which can perform fine-grained security checks on transactions, such as whitelist verification and high-risk operation restrictions. But Bybit is using version v1.1.1 and failed to enable this critical feature. The SlowMist team pointed out that if Bybit were upgraded to version 1.3.0 and the Guard mechanism was properly configured, it may be possible to avoid this loss.