
🚨 LIVE w/ BYBIT CEO: The Inside Story You Need to Hear! | Crypto Town Hall
Ran
Can you guys all hear me? Ben, can you hear me? Yeah, we can hear you. Fantastic. Scott, nice to have you here, sir.
Ben
I'm about to board a flight, but.
Scott
Wanted to join for as much as I could.
Ran
Fantastic. Guys, Let everybody know that we're live. Ben, how are you my friend? How are you feeling?
Scott
I'm good. Hey guys, good to see everyone. Managed to get a few hours sleep.
Ran
Oh, you did?
Scott
Yeah.
Ran
That's fantastic. So we're just gonna, we're just gonna wait a few secs. Just let everybody join. Yeah. Guys, share this far and wide. I think this is. Ben, this is the first spaces that you've done after the hack, right?
Scott
It's the first space. Correct? Correct, yeah, correct.
Ran
Amazing. Yeah. Okay, so I think, I think maybe this is probably a good time to kick off. I mean, I think, I think pretty much by now everyone knows what's going on. But in the unlikely event that some people don't know what's going on. Yesterday Bybit was hacked. They were hacked for about $1.4 billion worth of ETH. That is I think the biggest hack and I don't think, I think, I know that it's the biggest hack, the biggest exchange hack, recorded exchange hack in history. I think today we know or we think we know that the Lazarus Group were actually behind the hack. Um, and I think this is the space with Ben just to. To catch up with Ben and just to. To get a first person account of exactly what happened. So Ben, first of all, thank you, my friend. I know it's been a stressful 24 hours. Even though your Whoop doesn't, doesn't. Doesn't attest to that. I guess it has been quite a stressful 24 hours. No.
Scott
Yeah, it was a lot of coordination, a lot of meetings, a lot of actions. I don't have too much to much time to think about stress, to be honest. It was just making sure that all the puzzles, every pieces was. Was running in, in, in the order that it should be and play my role basically as the CEO of the exchange when, when something even happened. Yeah.
Ran
So walk me through, walk me through like how this all started. I mean it was a normal day and you received, you were. You guys were trying to move money from the cold wallet into. From the hot wallet into the cold wallet. Walk me through the, like how this started and at what point you realized that there was a problem.
Scott
Yeah, it was a very typical day and typical maneuver. It's not. It is from the cold wallet to the, to our warm wallet. So Bybit runs in such a way that we have a hot wallet system, meaning that basically when you withdraw, you know, once the system checks everything, it's approved and it's automated. That's why clients can get their withdrawal maybe typically in one or two minutes. And that's all through the hot wallet system. And when the hot wallet is kind of running low, there is a warm wallet which you can kind of imagine is like a Fireblocks sort of infrastructure where a few of our admins need to go in and manually approve the transaction. So, so it moves money from the warm to the hot wallet. Now when the warm wallet is running low, then we need to top up from a cold wallet. The cold wallet as the way we design it is completely isolated from our own wallet infrastructure. The warm and the hot are self developed internal infrastructure that's completely intertwined with our risk check and basically overall internal systems. And the cold wallet, which in this case we use is Safe, the third party provider, which is a smart contract based multisig Ethereum wallet which I think a lot of the exchange use. So it was a typical day.
Ran
Just one thing that I'm struggling here is why do you have a three wallet system versus what is usually a two wallet system? So usually I understand that exchanges operate with a hot wallet and a cold wallet. They keep the cold wallet completely disconnected and they keep topping up the hot wallet to meet daily liquidity requirements. What is the purpose of the warm wallet?
Scott
No, the warm wallet it provides extra layer of isolation. Right. So the hot wallet essentially the seed, if it's not the seed, if it's whatever, it depends on the way you design it, it's in the system and it could be compromised by physical design because it is part of the system, because it requires automated withdrawal. So that warm design is to kind of making sure that involves admin, personal kind of approval and making sure that checks so that, that provides that extra layer of isolation.
Ran
Okay, so you were trying to move money from the cold wallet into the warm wallet and what kind of amounts were you trying to move across? I mean you weren't trying to move 1.4 billion, right?
Scott
No, we were moving 30,000 Ethereum.
Ran
Okay.
Scott
And so, and yeah, so 30,000 Ethereum was to be transferred from the cold, the multi, the multisig into our basically warm wallet system. And then it was a typical day where when I get it, I'm the last signer of the whole sequence, then the previous signer have already all signed and it was around I think 9:30 at night for me. I saw the message, so I did the usual sequence of actions. We do have a security protocols of which laptop we need to use. What things we need to check, which URL we need to check. I did basically the whole thing. After the whole Chan transaction was completed, about 30 minutes I get a call from our Ben.
Ran
Before we go there, you guys are doing this regularly. How vigilant are you about following the security protocol? Because I. The reason why I ask is we also have security protocols but some of the times because I do something, rinse, repeat, rinse, repeat, rinse, repeat. Sometimes I'm kind of like, you know, I don't check every single detail. In this case, do you think that you checked, do you have a protocol? Did you follow every single detail or was this just. I've done this, I do this every week. It looks the same, it feels the same. I'm just going to press the button.
Scott
Yeah, no, I understand. So we do this almost every week, but the protocol, it's not so difficult to follow. Right. And also our laptops are always being checked on a monthly basis. Make sure that it's bug free. What's interesting is the safe design. It requires Internet meaning that I am using, using my work laptop to do this which my work laptop is in a way set up that I cannot install anything or anyone can cannot install anything on my work laptop other than the pre installed apps that you can imagine. It's the communication software we use.
Ran
And where, where were you, where were you when you signed this? Were you at home? Were you at the office? Were you at a restaurant? Where were you?
Scott
Yeah, I'm at home. And what interesting is all the previous signers were all in different locations of the world. So I'm actually at home. Yeah.
Ran
Okay, so you at home, you get a message on Pro, I take it on some kind of group saying hey guys, we need to move 30,000 ETH. Everyone signed, you're the last signatory, you signed the transaction. Everything looks and feels 100% normal. What happens then?
Scott
Yeah, to go through some detail, it's a link. We always use a communication software where we share the secure link from safe. The first protocol is basically I need to check, make sure the link is from SAFE official site. So click on that, making sure that it's all good. And then the signing process is we're using ledger. So, so I have my, my ledger ready, plug it in, we open it, I open it, I check the address, I checked the destination, I checked the contract. So that's all usual. So everything was conducted Everything. Then I signed it as the last signing. And then I moved on after that. Well, after I signed, informing the group that it was completed. But then 30 minutes later, my finance called me. I mean, I can feel something is wrong because the guy was just shaky. He was. His voice is my. Kind of my cfo. You can imagine he almost cannot speak. He says, ben, there's an issue. And I was, okay, what happened? And then he told me, yeah, we might be hacked. And, okay, I said, the 30,000 is gone. No, all of the Ethereum was gone. I'm like, what do you mean, all of Ethereum? So at that point, I don't know how much is in that wallet. And he told me it's around 1. $1.5 billion worth of Ethereum. Yeah.
Ran
Okay, so take me. Take me to that moment when he tells you. It's. I can imagine that you felt okay, 30,000 eth. Deep breath in, deep breath out. I can stomach a loss like that. Tell me about how you felt when you heard it was 1.5 billion or 1.4 billion.
Scott
Yeah, no, initially I thought it was 3,000. So I said, okay. And then he says, no, it's not. It's all of the Ethereum that we have in that specific wallet, which is about 400,000. And I was like, okay, how much is that? At that point, I couldn't do the math. And he said, it's about 1.5 billion. And then he just kind of this overwhelming, kind of breathless. I cannot breathe. Maybe for about five seconds, I didn't say anything. And I said, okay. Then I think about 10 seconds later, I told myself, I need to snap out of it. We need immediate security protocols. By the way, that Bybit. We practice what we call P minus one security protocols every month. That means with one button, I can wake up everyone in the company. But also I have a button to wake up top management. So I said, okay, let's go into P minus one security protocol. So we called all the top management, and then we start to. Basically, I start to put my CEO hat on rather than. So at that point, I told myself to stop thinking about the money, but to think about what do we do now. Yeah.
Ran
At any point then did you worry that there was more to be hacked? Or, like, was there a point where you thought, shit, what if they could get access to more? Or did you know that it was contained?
Scott
No, at that point, I didn't know. So, yeah, after basically that kind of told me in 10 seconds, I was like, okay, the next question I Asked is, how about the other wallet? Because at that point I don't know how much we have with SAFE and I don't know where we are on other wallet. And then my finance team told me that we do have other wallet, but it seems to be all fine. It's only the Ethereum that has been moved. And I said, okay, we probably need to call SAFE immediately to make sure that they.
Ran
At what point do you realize the cause of the hack? Because did you put one and one together immediately to say, shit, something's wrong with the transaction that I just signed, or did you realize that at what point did you realize what caused the hack?
Scott
I think it's exactly around that time I asked, what about the other wallet? Hot wallet. My team says it's contaminated. So during that call, when my finance called me, my security team is already in the call. So I asked them, okay, what about the other hot wallet? They said, it seems to be fine. They're not moving. We have monitors, we have dashboard looking at all the hot wallet, only this Ethereum cold wallet, it's been breached. And I said, okay, this is the multisig. And they're saying it's correct. And then I asked them, do you see any issues with our own wallet system, which means our hot and our warm. And they said, no, it's not an issue with Bybit, it's the multisig that you just signed, which is the Safe wallet. So at that point I pretty much know that it's not a kind of internal breach of our internal system, but it's more of the multisig we signed just now and it's that specific multisig. And I asked the security team what caused this and they said either is one of the your UI was spoofed or it could be a server issue, but nobody knows. But they're pretty sure it's only the multisig that we just signed. And it seems like the trigger is that we have to sign again in order to for any other trigger. So I say, okay, stop all that. We're not going to sign anything but that point, you know, I pretty much know that it's not really internal thing. And that's. Yeah, that's how I know. Yeah.
Ran
Okay, so now the money is gone. What's the next step for you? So you've spoken to your team the money, you effectively realize that the money is out of your account and you've been hacked. You've woken up the whole management team. What are the. What, what went through your mind? What are the priorities at that point.
Scott
So yeah, actually there's a. Before I, I called management, I asked my finance, I said, can we cover that? Can we cover this? My CPO said yes. My CFO said yes, we have enough treasury to cover this. Then I think the whole direction changed to making sure that this message is out. But then I know that I need to tell everyone that this happened and the worst case scenario that we will take the loss. Because in my head, if we cannot cover, then my job as a CEO is probably to look for money to make sure that clients not suffered. But if we can cover it luckily in this time, then I call the management. My priority is to make sure that everyone knows what happened. After I called, I immediately said, probably people already can see on chain that this has happened. We need to prepare a public statement, all hands on deck, wake up. All the support clients are going to come and ask, we need to start answering questions. But then I assured my management that we can cover all the loss. All hands on deck. We don't plan to suspend withdrawals, so be prepared for the big bank run that's going to come.
Ran
Was there a period in the entire process, Was there a period where you doubted that you guys could cover this? Like, was there a period in your mind where you thought, I'm not sure we can cover this? I don't know how much money is in the Treasury. Was there any time where you were like, didn't know if you guys could cover it internally?
Scott
No. When I heard the 1.5 billion, I know it's a huge amount, but my head is, can I cover it then I know we can cover it. It's just that I don't know if we have enough Ethereum to cover it. And maybe at that point we need a bridge loan or some and I'm not sure if how much of our liquidity in what token, but yeah, pretty much when I heard the 1.5 billion number, I'm aware because our finance team, we have all the monthly report and everything, big numbers, I'm aware.
Ran
So it's a very big hit. But you breathe a sigh of relief, you can cover it. I'm interested to know who you're speaking to during this crisis. I know I texted you, I think immediately I didn't hear back from you for a while. But I want to understand right now you've just heard that the hack, you've spoken to your finance team, you've entered protocol P +1 or P +1. The whole management team is up. Who are you Talking to who is the command center that's working around you now.
Scott
So I'm the command, I'm running the whole command and then immediately I call my COO Helen. I told her that what happened and I said expect massive hit on our support team on Twitter because this will be leaked, people will know very soon. And then I think she wake up immediately. There's a button she calls to call her direct reports. That's the PR team, social media team, that's the customer support, basically all the frontline teams. And I believe then she goes to in that meeting and brief those teams on the next steps. So basically I told Helen COO to prepare and prepare a public statement about what happened. And the next I did was called my cto tech and product head. At this point I know that clients is going to do bank run and the next worst thing is you experience their system shutdown. So I told them that we can experience a massive hit on the withdrawal but we need to make sure that all withdrawal system are live and all products are live so that at least clients don't see a page 404 or something like that so that they wake up the emergency tech support team to make sure that all system dashboard are green. And it was true. About 30 minutes later we start to see massive, massive withdrawals. And then the whole product and tech team, their priority was to making sure that it's not about the withdrawal, making sure that all these massive flow, clicking the withdrawal buttons, there's no stuck. Everyone can experience the Bybit product live with no problem. So that was my second thing after that. Yeah.
Ran
Okay, so now you've instructed everybody, everybody is now expecting the worst. I assume that somewhere around that point is when you went and you did a live on the Bybit streaming platform and you did that very, a very good live. And you, you transparently told everyone that you had been hacked and you explained the, the mechanics of the hack at that time I think you said there were 120 withdrawals that were stuck. If I'm not sure if my numbers are correct, but I think you said there was a very small number. Walk, walk me through what happened after that.
Scott
You know, so, so kind of what happened is after I did that took him in, I immediately I start to craft a tweet because I think at this point I need to make a tweet as the CEO of the company to calm the market. And I start to my PR team already start to tell me Ben, we are getting hits on TW asking have you been hit And I think, okay, we need a public statement immediately. So I crafted that first tweet I did saying that we believe that we've been hacked and all that. And then after I tweeted about five minutes later, I called my live stream team to all go to the office. And then I'm cleaning up my. I take a shower. I'm heading to the office as well to prepare for the kind of the live stream. So that's how we. We arrived. The livestream part.
Ran
When you arrived, when you arrived at the office, how many people were at the office? Walk me through the mood. Like, I mean, I guess you showered pretty quickly and you rushed to the office. When you got the office, how many people are there? What's the mood?
Scott
So, so basically we have a. We have a building in Singapore. I happen to be in the Singapore office. And when I arrive, our support is always there because we have live support 24 7. I can see that the support is full. Everyone is extremely focused, busy typing away. The mood was quite tense. By the time I get to the live stream room, which is actually on the fourth floor, next to all the corporate function, that's the legal, the hr, the admin. I see pretty much all of my legal teams already there. So I assume this. I did not inform legal. I think it's probably my COO informed legal to already come to office to get ready for the police report and everything. So that's the first one I saw. But everyone was just busy. I came in to the office and then was sitting there kind of looking at Twitter and making those. I was focused on making more tweets, answering some questions there. And then while I wait for the live stream equipments and everything to be ready. About 10, 15 minutes after I arrived, the live stream team arrived. It was three people, three girls. I can see they've been dragged out. I think they were about to go to sleep. But they were very tense. They were very serious. Everyone was just running, getting equipment, getting lights, the videos, checking the mic. Yeah, I think, but everyone was busy. Everyone was already focusing on their tasks. Yeah.
Ran
Okay. And then you did the live stream. What happened? I mean, I think a lot of us watched the live stream. You, you were quite transparent in your approach. What happened after that?
Scott
Yeah, so even during the live stream, I did about. So before the live stream, I would kind of sit down with the live stream team on what is the plan? What is the goal? I said, well, it's quite important for us to be there. It's more important for. It's Important what we say and tell the clients, but it's more important that we are there. I wanted to be with the live stream. I told the team it probably is going to last about two to three hours so that during this critical time they can see my face and they can see the team and the clients can see us knowing that we're here handling it. But I said every about 20 minutes I need to go to get the top update on what is the latest development. So who can be on the live stream with me? I need someone. Then I think we find Sun Yit, who's our head of derivatives. He's available. So he was doing that and then I was talking to the live stream team during those period when I'm away, when he's also finished answering, what do we do? And we said okay, let's do a countdown. But we don't have that. So we immediately prepared a slide telling the audience we'll be back at UTA time. What time? So everyone knows it's not a thing says it will be back. If you don't tell the audience that you'll be back at exactly what time, people think you are kind of dragging your feet. Right? So we make sure that we always have a time and the audience who are watching the live stream knows that okay, we are only away 20 minutes. We're not. So that was critical things we decided during the period. And then I think when I'm away I'm just getting the top level update. Number one is from security. This is to answer your question, like what happened during after. So security, I want to know what happened. Do we know that this problem is already contained? My top level is my other hot wallet secure 100%. So that's one of my first thing I need to find out. And the security team told me that yes, it's 100% secured. 
However, we might experience a liquidity crunch because the Ethereum is gone. And so that we, you know, obviously we only. That was about 70% of the client's Ethereum. That means we need to borrow Ethereum to fulfill clients withdrawal and assume all these clients want to withdraw Ethereum because this was the one that hacked. So I said okay. And then I called, you know, a few key persons to be in charge of going out, talking to partners to get a loan. So I need to make sure that the progress of the loans is in place.
Ran
We're not worried at this point, we're not worried at this point about a Ethereum short squeeze because effectively you were short $1.4 billion worth of ETH. So we're not worried or not looking at ETH and going please God, I don't let this not let them not start squeezing me out of the market now.
Scott
Yeah, I think what we are lucky is that BYBIT is always really one to one. So I never had that fear. Number two is all of our system. We have lifetime dashboard update on where we are all the wallet system, clients, asset withdraw, even the loan ratio and the risk ratio. I can see it on a dashboard and it's only about 10 second delay pretty much of all systems. So I can precisely know the next five minutes, ten minutes where the withdrawal limit, where is the queue of the withdrawal is going to happen. So all of that we have everything in control because we can see it. My finance team, my risk team, we all can see it. That made everything much easier if we were talking about compared to let's say ftx. Maybe they don't have anything to look and that's why.
Ran
But were you not worried? We're not worried. Like if I'm just putting myself in your in if I was in your shoes. I know that $1.4 billion worth of ETH is stolen. I know that I've got $1.4 billion but that $1.4 billion is not in ETH and people are going to start drawing ETH. Well, you're not worried that you're going to need to buy ETH on the open market, whether it's to repay loans, bridging loans, ultimately you need to buy ETH to replenish the ETH at some point, right?
Scott
Yeah, I am worried. So that's why we need to borrow ETH from partners for this withdrawal and at the same time with our withdrawal we can put a priority on the Ethereum withdrawal meaning that there are a lot of version of Ethereum on different chains and clients can withdraw. So we have a measurement of our stockpile and then the withdraw that coming in. What's interesting is that the Ethereum was never the biggest requested token of withdrawal and everyone is withdrawing actually stablecoins which is USDT and USDC, USDT being the majority. So then when we see the flow we start to think okay, even with the reserve we still have, we can cover at least for two, three hours. That gives me about two to three hours to get a loan for Ethereum.
Ran
Okay, and what did you do? Who do you phone? How do you get a loan?
Scott
Well that's not even during this point another issue comes up is that. Well two more issue comes up is that My, my team is telling me Ben, our USDT cold wallet, is also with Safe. And because of this whole incident, SAFE has shut down their services. So I have about 3 billion worth of stablecoin that's locked. And while my clients are always drawing and from the amount we got like 100,000, I think 200,000 within two hours withdrawal requests. Right. We can predict our stockpile on USDT is not going to last for too long, maybe five to six hours. So within five to six hours, we're going to have a liquidity crunch on stablecoin. And then this is a bigger issue because that's about 3 billion shortage that I need to fill unless I can magically somehow move my money from SAFE again. Now, even if SAFE tells me at this point that Ben is SAFE to move those money, I'm scared to move because I just lost 1.5 billion and using the same system and now I'm looking at 3 billion. I'm like, well, what are we going to do? So, yeah, so at that point, this is starting to become an even bigger issue. And then I told my security team to really crack down and talk to Safe. We need a better way to get this money out. And so basically for the next four hours, my security team focus was trying to crack down SAFE with a software we develop that we can trust. We know that we can move. If you guys noticed about the last bit of withdrawal, if you look at my tweet, I said we're moving about $3 billion back to our warm wallet. That's basically my security team, I would say 50 people, they just wrote a code based on Etherscan to move to verify the multisig on a very manual level to basically move that stablecoin back to our wallet system. And so once, yeah, when they moved.
Ran
In that, in that two seconds where they moved the 3 billion from the one wallet to the other wallet, I mean, were you watching the transaction? Were you holding your breath? Because I can imagine if it was me, I would have been like, I would have been like, okay, yeah, that's life and death.
Scott
That's a life and death.
Ran
Yeah.
Scott
No, but they did multiple tests before even with me. We did maybe four different tests with other wallet. We're pretty sure this is secure. And then lastly, let's do it in one go. That's why you think you didn't see a test. It was one go, 3 billion banned back to Bybit. I was like, shit.
Ran
How many hours after the hack is this and what time is this in Singapore now? So now they've moved to 3 billion. What time is it?
Scott
Yeah, that's about almost 10 hours by the time we crack. Yeah.
Ran
So this is like, this is middle of the night. This is 5am, 6am something.
Scott
No, this is about 6. No, actually 7, maybe 7am, 7 to 8am Basically, the whole team was up. Yeah. All night long.
Ran
And how much of Bybit's reserve, how much of Bybit's reserves or total assets under management are being withdrawn at this point in time?
Scott
By which time I'm saying, but when.
Ran
You move to $3 billion, how much of the total assets under management have you guys withdrawn? Like, how, how bad is the bank run currently?
Scott
As we see is about 50%.
Ran
So 50% of all the funds on Bybit were removed, correct?
Scott
Correct. Yeah.
Ran
Okay. And I mean, how bad was the backlog? So in other words, what was the time that people had to wait?
Scott
The backlog was bad because the initial rush was too much. The system handled so much withdrawal. Not only the system was kind of backlogged, obviously with each withdrawal there's multiple checks. That's the typical process. Right. If, let's say you are withdrawing from Bybit, unless it's a familiar address, if it's an unidentified address with a big amount that involves a risk team to check, making sure the client is not hacked, and also verifying the AML compliance, travel rule, all these things. So there's actually a lot behind a withdrawal that's going through whenever a withdrawal is happening. So the system was congested, team is overloaded, although all the teams are there to process them, but just too many. And then also our network is congested because there's so many people trying to withdraw from the wallet. And then there was multiple, like, areas to bump fees. And also there's multiple chains. We have different stock reserves. Let's say, you know, we have USDT on Tron, we also have USDT on Solana. And people are trying to. More people trying to go through Solana or here. And then there's always a team that's kind of backing up all the liquidities. So there's multiple levers making sure that smooth. Everyone gets withdrawal. Basically everyone have to double up on whatever they do. So that's why there's a backlog. And you see that, okay, some people took three, four hours. It's actually simply because there's too many withdrawals and we are just following regular procedures to process them.
Ran
And, and where are we now? So where are we now? Is everybody processed? I mean, I was watching earlier and I saw Actually more money was flowing into Bybit than flowing out of Bybit at one point today. So what's the situation as we stand?
Scott
So as of now, it's business as usual. So about at the 12 hour mark, which is about 10, no, 9am Singapore time, all backlog has been cleared, Every single system is green. Basically all the withdrawal process from the rush time has been cleared. That means from that point on, at 12 hour mark is only new withdrawal being processed. And that was relatively. We kind of go back to our normal phase. So we kind of handle everything in about 12 hours. Yeah.
Ran
Okay, so I want to go back down and say, at what point did you lose hope of recovering the money? If you've lost hope of recovering the money and like, I'm sure there was a period where you thought, I may get this money back. And then I guess at some point you realize that it could be Lazarus that that has the money, in which case, I mean, the probabilities of getting it back seem pretty low. Just walk me through the, your thought process about thinking about the money that is stolen.
Scott
It was never a priority actually, even until, I mean, at least for the first 15 hours. If I know that the money loss can be covered by us, then I don't need to go out, look for money making sure clients are safe. Then my next is making sure that we withstand the bank run, we handle the crisis. Because to me, getting the money back is not as important as handling this crisis, making sure that the Bybit brand is there. We want to show the world that even when a crisis like this happens, we are a reliable team to handle all these things. So these reputation things are more important to me. At which point, I think even immediately after, I know this is sophisticated to things and judging from how the money is flowing immediately into all these things, it's out of our control. And then I will let the security team, a legal team, handle the chasing. But me as kind of the commanding officer there, my job is to handle the client requests at the time, making sure that, you know, those things are handled.
Ran
Yeah, and, and what's, how would you rate your team's performance in this period of crisis? Like how, how do you, how would you rate out of 10, how would you rate your team's performance through the night?
Scott
Oh, I would say 12.
Ran
12 out of 10. I must say it feels that way. And I was also talking to members of your team through the night and yeah.
Scott
Everyone. So, so immediately. So if you go back in time after I arrive in office, before the live stream, that's when I had a bit of time to sit down and I crafted a message to the company and actually I can read it if I see it somewhere. We have a company group. Yeah. So it's a CEO message and I said dear bye bodies. We call each other bye buddies. Understand that it's a difficult time now. Appreciate that all of you standing line. It's going to be a difficult 24 to 48 hours that we will face. However that I'm confident that we will make it through. Please ensure that we remain professional and calm. To all clients and external partners, we will try our best to maintain withdrawal. At the same time I want to say that even with this amount all loss, all clients assets are covered. It is the time to answer clients questions in a timely manner and be there with our clients. We will use transparency and communication to remove doubts from our clients Tech and product please make sure that all system are normal. We cannot have another up now to cause another fud. All hands on deck. So that's what what I said and I think wow, wow.
Ran
I mean it's a real very strong leadership message keeping the like motivating everyone, keeping everyone in check and, and just making sure everyone's aligned.
Scott
Yeah. So everyone I think is aligned and then with the reason I think everyone is there. Everyone is almost by a bit. You know we work in office, we use centralized office. So everyone is in the office and I think everyone is focused. Not a single blame. No one's asking you know what happened. Everyone is busy on solving the issue and even until now. Yeah.
Ran
And now in hindsight, what, what do you think actually happened? How did they manage to compromise four co-signers or four multisigs? I mean this is sophisticated. This is a step change in hacks because they're accessing cold wallets. This is like a complete, complete, complete step change. How do you think it happened? How do you think they managed to infiltrate four people's UI?
Scott
Yeah. So even until now we don't have a confirmed answer which we will come up with a security incident report. At the same time we've hired external help to investigate and do forensics with us so that we will have an independent report as well. From what we have now, immediately after then the security team imaged all of our laptops so that we can make sure we restore to where we were and how it happened. Upon current checks, none of the laptops are compromised. There's no trojan or any kind of virus had been found on the laptops. At least to our security knowledge. Maybe this super advanced model we couldn't find, but we didn't find any of that. Also what they did is interviewing every single signer exactly back timeline what happened. And all of that is recorded, every single step. What did you click? What did you see? At least after all that, it seems like a normal process because in our security we check the URL we click on that. We still haven't found the answer, but I guess answer will be found very soon. But again we'll keep everyone posted.
Ran
Doesn't it worry you, doesn't it worry you that you haven't found the answer because your exchange is running as normal, which means that, that you're going to be making transfers from hot wallets to cold wallets, cold wallets back to hot wallets. Doesn't it concern you that you still don't know what the cause is?
Scott
We know the cause is definitely around Safe, cold wallet. Whether it's our laptop or the Safe side, we don't know. But we know that's the problem. So. And we now have our own way to extract the fund. So so basically the stablecoins is out of Safe and also our other major big amount of reserves are out of Safe. So basically that is isolated. So we are not worried about that anymore because we already have our own way to extract the fund back to our system. And so now next thing is left is what's next? What multisig or cold do we use to replace Safe at this point? And this is what the team is looking and looking to now.
Ran
Yeah, and I mean are you guys, are you guys insured for situations like this? Is this, is there, is there insurance for these type of situations? Is anybody, do you have a fund? What's the process here?
Scott
Yeah, I think the, I don't think there's any one insurance that can guarantee exchange for hacking purposes. Right. So in that sense, I guess the answer is no, we don't have insurance for the hacking of this, but we do have other insurance pools and things like that. For other things. Yeah.
Ran
Okay. And how, I mean not almost 24 hours later, or maybe it's a little bit more than 24 hours later. How, how are you feeling now? How are you feeling? I mean, you must be exhausted. Are you angry? Are you upset? I mean, how are you feeling?
Scott
Yeah, I had about two hours sleep. I was quite wide awake again even until about in the afternoon. I think it's the adrenaline and it kind of hit me later in the afternoon so I took a nap and now I think I'm again in that mode. That I need to be more focused. So we've put a task group, a task force making sure each key person is chasing on their side. Security is making sure that they're looking into what happened and also how to prevent this and also uncovering other fund. There's one team on it. And then for my. So there's many things to be done. We've managed to kind of stop the first wave, but what's next is to build trust, is to keep growing and operating as exchange. So that's the difficult part. And the first thing we did is to put a task force and get our BI team again. Bybit is a very number driven company. We use a lot of dashboard. So we were building a new dashboard for the disaster impact. So impact report, how many clients we lost, how many VIPs, how many institutions, how many liquidity, how many AUM, once we identify all this problem, okay, liquidity, how do we get it back? VIPs, how do we get it back? And retails, how do we get it back? And then you divide into tasks. In fact, one of my tasks is to be more vocal, making sure that I'm out there talking about this, doing this now so that everyone is aware that Bybit is here to continue to operate. And. Yeah, so I think that's, that's the next part. Yeah.
Ran
Ben, as a company, did you guys train for something like this? Did you guys prepare for something like this? Have you guys done done drills for things like this or was this working out as you go along?
Scott
We, we have a, what we call tech ops team that does a monthly, monthly drill on again, what we call P minus 1, like P minus 1 meaning extremely urgent incidents. It could be a hack, it could be a system shutdown, it could be that the withdrawal system is down or derivative system is down. You know that Bybit the crypto is 24/7, so we are 24/7. So we are very much trained in emergency response and the teams are very fast in responding to any type of emergencies. So but in terms of the hack, we are not trained to respond to hack because we've never been hacked. But it's not so different than responding. Let's say your spot market is down or your whole website is down. I think it's similar response because then it's the customer support team, the PR team, everyone gets up, they all know what to do. But it's just the content is a bit different.
Ran
Yeah. I must say I've known you for, for many years and I've known you. I've known you, like, socially, and I've known you in the realms of running an exchange. And I've always thought that you've been a very good leader. But I think you truly understand who the real leaders are in times of crisis. And even I was surprised, and I said in the most humble, positive way, even I was surprised at just how effectively you executed in the last 24 hours. You were transparent, you were efficient, you were available. It was a masterclass. Someone actually wrote a tweet about. It was a masterclass in crisis management. You were dealing with a $1.5 billion hack. And I think, I mean, it's a case study in how, in how crisis situations should be hacked. I really believe that the way you handle this on a global level was absolutely, absolutely incredible. Yeah, thank you.
Scott
Yeah.
Ran
I saw there were. There were a lot of partners that came to the rescue. I see Gracie's here from Bitget. In fact, we'll. We'll actually just get it up here as well. I know Bitget came, came to the rescue. I know Binance came to the rescue. Just walk me through. Partners, friends, just walk me through. This is probably a good time to acknowledge some of the people that really tried their best to assist. Walk me through how that happened and how you felt about all the help.
Scott
Well, I'm overwhelmed by all the support that we received. It is a tragic time for us, especially for Bybit. But with all the support, we really felt that the whole industry was behind us. I think at this time, we all recognize it's something that none of us want to see happen. And there was no competitor. It was all partners supporting us from all over the place. Basically, immediately after news, my phone was getting swamped by partners offering help. Say bye bye, Ben. If you need help, we can help. My emails are, are getting swamped. And then obviously immediately, there was a few things we needed immediately. As we see, number one was that bridging loan to cover the missing Ethereum. So a few key players really helped us on that. I would like to say special thanks. One is an Alpha. They helped us to give us a good loan on Ethereum. Bitget for sure. They give us a loan without any collateral. They just say, here, wallet, address, we'll send it to you. Pionex, another exchange and also MEXC. I was so busy running here and there and I'm asking my team to kind of reach out to the partners. I might be missing a lot of the guys, but I'm getting all sorts of partners, connections. And also I think there was social value, Solana Tong, even the kind of the UAE blockchain center, Golf Capital, like Bitval Tether. Tether was helping us freezing funds, really active. Galaxy Digital offered help to give us a loan. And basically we have all these other friends who are doing forensics, white hacking that was connected to us. So really, really deeply grateful for your help. I think Ran, you are muted.
Ran
So I was saying, sorry, I'm sorry about that. You said this was a tragic time for Bybit. What does this actually mean for Bybit? You had enough money to cover the loan, I guess, cover the loss. What do you think? What does this mean for Bybit? Does this mean slower growth? Does it mean cutting down on certain initiatives? Have you done the maths of what this actually means for Bybit?
Scott
I've given the homework to our finance team to do projections based on this loss on our own Treasury. What does it mean? What does it allow us? What does it restrain us from the initial plan? The team is still number crunching and trying to give me an overall look. But again this is not all the treasuries that we still have some reserves left. So I don't think it's going to be, impact us in a way that you would notice, but for sure it will impact us maybe on some of the long term plans we've had. If we were thinking about M&As or if we were thinking about big investment in somewhere, maybe that will be affected whether it's delayed or canceled. But in terms of the daily operation, in terms of the maintaining the operation level, maintaining the current team, Bybit is always run on an extremely lean model. We have about 1,800 staff globally, which is actually quite lean compared to the other players. So I, I don't think these things are, are affected.
Gareth
Yeah.
Ran
And okay, so I, I guess, I guess, I guess that's, I guess for, for private business as usual. Are you, are you thinking about or are you, what, what, what is the probability in your head right now that you believe of getting any of the money back? And like, have you, have you thought about it or have you written off the money in your head? Do you believe that there's a chance of getting it back? Do you believe that there's even a point in the police getting involved? Like walk me through how you, you see the legal process.
Scott
No, we will try our best. We would definitely have a whole task team on it, how to get the money back, whether it's to chase it and try to block it, if it's trying to go through a bridge to go to other cross to other chains. Like this morning the team informed me they were trying to move some of the money into Bitcoin through a bridge. So we informed them and they were kind enough to help us to block the fund immediately. So we'll continue to do that and I assume for the hacker it would take them a long, long time to eventually wash this money out. And we are hoping by putting enough trouble to them maybe they would consider returning it at some point or also we just issued a bounty to ask the community to help us. Whether you can lead to the direct retrieves of the fund or some trade evidence that helps to retrieve, we'll give you a bounty. And yeah, and the police is involved. Actually the Singapore police took it very seriously and I believe already escalated to an Interpol level. So they will mark this fund into a very high level kind of watched crime fund so that even it will trigger down to chain analysis level, that kind of sanctioned address and these type of things. So with efforts like that, I think as long as Bybit is there, we will continue to track and hope we can get this fund back.
Ran
When you spoke to the police, I mean blockchain is, is a relatively new thing. Blockchain crimes are a relatively new thing and a racing in most countries. I'd imagine that the police wouldn't have any idea what, what to do in a case like this. When you, when you spoke to the police and I'm assuming you reported the Singapore police, how clued up were they and how like how smart are they when it comes to blockchain crime?
Scott
Singapore is very developed in terms of blockchain crime. There actually had been a few prosecutions based on that. What's interesting is even before we approach them, they already know what happened. So again, this is the biggest apparently heist in the history of any type of hacking. So when we approach the police, they know Bybit and they know this happened. So they were offering help very quickly. Yeah.
Ran
And at any point did the thought cross your mind to reach out to the Ethereum Foundation to roll back the chain? Was that ever a consideration of yours?
Scott
We will try everything again. So I had my team talking to Vitalik and the Ethereum Foundation, see if there's any recommendations, you know, they can offer to help. And I do really thank for all these guys on Twitter asking say if there's a possibility to roll back the chain. And I think, I'm not sure what was the response from their side, but anything that would help we would try. Yeah.
Ran
What do you think? Do you think that they should roll back the chain? Because, I mean, it is a bit of a dilemma. Right. On the one hand, it's blockchain and every transaction is irreversible and immutable, etc. On the other hand, this is a hack by probably a terrorist organization or, you know, a sanctioned organization. What do you think? Like, if, if it, like, do you think that the right decision is to roll back the chain or not to roll back the chain?
Scott
Yeah, I really don't think. I don't know. I'm not sure if it's a one man's decision. If based on the spirit of blockchain, maybe it should be a voting process. Right. That see what the communities want. But I'm sure, I hope this is the last time this type of case would happen to anyone. But again, we know hacking does happen and how do we prevent this efficiently? There should be a better way to track and confiscate this fund.
Ran
Yeah, I guess. Also sharing as many learnings as possible, which I think you've done very well by being transparent and sharing every step along the way. I think that's one of the things that if, if it was Safe systems that were broken, then we need to know about it, if it was Bybit systems that were broken. Because I think everything that you guys can share would just make the industry a lot stronger.
Scott
Yeah, no, I think we believe in communication and transparency and I think this is the best way to solve a crisis like this. And that's what we did. Yeah.
Ran
Yeah. So I think, Ben, if you've got five more minutes, I think we'll bring up some other speakers. I see that the guys from Arkham are on. I see Gracie's on. We'll bring up some other speakers and maybe just take five minutes of Q and A, if that's okay with you. Yeah, all good. Amazing, amazing. So guys, if you want to come up, just let us know. Otherwise, the guys from Arkham, I see we've got Miguel on. Miguel, anything that you want to add?
Miguel
Well, Miguel, do you want to. Go ahead? Okay. So I actually don't have that much question. Maybe one followed by sharing a little bit story behind what we were thinking when we were trying to support Bybit, as Ben mentioned, we were among one of the first exchanges to send them. We send them actually 40,000 Ethereum about four or five hours after the hack as a bridge loan without any collateral, without any interest rate. And we're not rushing them to pay back. It doesn't really matter because we do believe that Bybit will survive this. So what. What I really want to emphasize here is that especially after FTX collapse, our industry has been through a very difficult time. Lots of, you know, retail users, projects also experiencing a hard time, you know, centralized exchanges ourselves, we all went through the very bear market in end of 2022 and 23. So we as a competitor or so or peer, what we truly believe is that we need to work together to face this. Especially given that the Bybit case is very different from FTX case and in our opinion, competitors actually make each other better. If you look at Coca-Cola versus Pepsi, like McDonald's versus KFC. And we want the industry to have to be in a fully competitive environment so that it's the best for our users and program. And that's why, you know, without any hesitation, our founder and Ben are also very good friends. I've seen Ben multiple times in various occasions and we just want to support each other. In this case, I believe you were by a bigot getting hacked, but we will do the same for us. So that's basically the spirit that we want to build here. Ben, all the best. Yeah. I hope you feel good now.
Scott
Thank you.
Ran
Congratulations. Thanks. Congratulations, Gareth. I see your hands up. So. Gareth Jenkinson.
Gareth
Hey, Ran. How's it everyone? Hey, Ben. Gareth here, managing editor, Cointelegraph. Firstly, hats off to you. I think that tweet that was doing the rounds yesterday saying this was a masterclass in crisis management couldn't be more true. I think a lot of other exchanges might have just. Just buried their head in the sand and not said much and left it to everyone to wait and hear what was going on. So for you to get on a live stream and talk, you know, less than an hour after the hack did a lot for the industry. I mean, it allowed us to report with a lot of accuracy because we, we got some early information and we sat on it for a little bit before we ran the story. Because you don't want to just go out there and write a story. No, Bybit has been hacked. So well done. My first question is Czech, you should stop withdrawals or stop your systems altogether. I think that you made a great call by not doing that. But I just wanted to ask you why you decided not to do that and 24 hours later, if you think that was the right decision. I think it was a big litmus test for Bybit and hats off to you to be able to manage all the withdrawals. But yeah. Was it a consideration for you?
Scott
Yeah, no, I actually commented on that tweet. I think from an outsider perspective whenever you hear a hack it typically it means that the internal system of the exchange was hacked. Meaning that whether it's the hacker infantry or system or one of your key person is compromised resulting that you don't know where is the root cause. When that happens I think you must halt the withdrawal. But in our case it's quite different because we were quite early on know that our system was completely intact and it was in fact the external cold wallet that was breached. And so that was a relatively easy decision for me because I have full confidence in my system. I know my withdrawal is not compromised. So then why stopping the withdrawal? But then you also, you might have. So yeah, there's another incident where other exchange might stop withdrawal because they don't know how much money they have. But again Bybit is running on full a lot of dashboard. We have a very strong control on our system, on our margin and everything. So I know exactly where we are. So it's, it was a no brainer decision.
Gareth
Yeah, if I can just follow that one up. I mean obviously ZachXBT put the breadcrumbs together and figured out that Lazarus Group had carried out this hack. That's very big news and obviously there's now been conversations about Ethereum rolling back that transaction. I know you probably can't say too much at this stage, but are you in conversations with Chainalysis? Because they've done very, very deep investigations into Lazarus Group and a number of the other hacks in the past few years that have been perpetrated by them. And how closely are you working with some bigger law enforcement agencies, Interpol, all of those. Can you give us any more detail on that?
Scott
Yeah, so we're actually Chainalysis is one of our biggest partners even before this hack, so we are in deep conversation for sure with them. I think their CEO emailed me immediately after they heard the news saying that they already created a task force for Bybit to track this fund and to help us. So really appreciate their help. Yeah. And in terms of police, we've already escalated to the Singapore police force as far as is it Interpol level. I'm not sure the details but again we will try our best to, to exhaust all the channels we could to whether it's from law enforcement perspective or from a on chain perspective.
Ran
Yeah, I think Carlo, let's just give you the mic and then I think we should let Ben go. I think it's 1:00 in the morning in Singapore if I'm not mistaken. I'm sure Ben wants a little bit of sleep. I'm sure you want a little bit of sleep, and I think Ben deserves some sleep today. Carlo, over to you, sir.
Scott
Thank you.
Ben
Ran. First off, that was actually my tweet about this being a masterclass in corporate transparency in crisis management and in wallet opsec. So I have to commend you, Ben, on how you've handled this. And I want to make an observation from a broader perspective. Having studied virtually every major incident of blockchain crime in this sector, as a criminal defense lawyer, I, I am amazed to see how far the space has come since FTX. When you look at what was uncovered during the investigation of SBF and FTX with respect to what was listed in the Binance, or I should say in the bankruptcy filings, as to the abysmal wallet security and the protocols that were in place and the dynamic between CZ and SBF at the time of the collapse of FTX's FTT token, to see how far we've come, to see the industry coming together to support a competitor, as Gracie had said, to support a competitor in this way and to help in protecting customers. Because at the end of the day, if we want to be decentralized in this space and if we want to avoid over regulation, then it's incumbent upon this sector to do just this, to come together and to protect the consumer and to be transparent. So again, I commend you, Ben. Ran, you did an amazing job breaking this thing down. I would encourage anyone to go back and listen to this who wants to learn how to effectively handle crisis management when it comes to managing blockchain crisis like this, because this was a tremendous hack which could have had incredible ripple effects across the entire sector. Thank you for bringing me up and I hope you get some sleep, Ben.
Ran
Yeah. Ben, again, thank you. First of all, thank you, Carlo. Thank you, Ben, thank you for your time and I think, thank you on behalf of the entire industry for, for the way that you handle this. And I can tell you that, I mean, we've been Bybit partners for a long time and we will certainly do everything that we can do to bring all the customers that maybe left for a while back and to get to make Bybit, you know, to bring Bybit back to what it is. Because I think that if anything, testament to how you handle this is the main reason why people should come back to Bybit. And again, I think exchange hacks are, they've happened a lot. I mean, Binance has been hacked and Bitfinex has been hacked, and it's just how you handle the hacks. And I think, to be honest, I think this is probably, it's the biggest hack, but it's also the most well handled hack that this industry has seen. So, whereas, whereas, of course, I'm sorry for your loss and hopefully you'll get some of the money back. I do want to commend you on how you handle it, my friend.
Scott
Thank you. Thank you, guys. Yeah, thank you.
Ran
Thank you. Thank you to everyone for listening. And if you want, just please follow all the speakers. Follow Crypto Town Hall, Saturday afternoon. I'm glad we could do this one o'clock in Singapore. I'm glad we could just bring everyone together and, and do something amazing here. And, yeah, we'll carry on with, with our, with our broadcasting on Monday. So thank you. Thank you, everyone.
Podcast: The Wolf Of All Streets
Host: Scott Melker
Guest: Ben (BYBIT CEO)
Release Date: February 22, 2025
Episode Title: 🚨 LIVE w/ BYBIT CEO: The Inside Story You Need to Hear! | Crypto Town Hall
The episode kicks off with Ran and Ben announcing that they are live, marking Ben's first appearance post the massive Bybit hack. Ran sets the stage by outlining the gravity of the situation:
Ben delves into the sequence of events leading up to the hack, emphasizing the sophistication of the attack and the internal protocols in place.
He explains the three-wallet system (cold, warm, hot) designed to enhance security by adding layers of isolation.
Ben recounts the moment the breach was discovered and the immediate measures taken.
Upon realizing the extent of the loss, Ben activated the company's security protocols.
Ben shares how Bybit maintained operational integrity and transparency during the crisis.
He emphasizes the importance of transparency by conducting a live stream to inform users about the hack.
Ben outlines the steps taken to recover funds and stabilize the platform.
He discusses the collaboration with law enforcement and forensic experts to trace and recover the stolen funds.
Ben praises his team's exceptional response during the crisis, highlighting their dedication and effectiveness.
He shares a motivational message to his team, reinforcing unity and resilience.
The discussion shifts to the broader crypto community's support, showcasing solidarity among exchanges.
Ben talks about ongoing legal actions and the steps being taken to prevent future breaches.
He also touches upon the potential for blockchain protocol adjustments to address such vulnerabilities.
In hindsight, Ben reflects on the incident, focusing on the importance of preparedness and transparency.
He commends the crypto industry's collaborative spirit in facing unprecedented challenges.
Ben concludes with a forward-looking perspective, emphasizing Bybit's commitment to users and the crypto ecosystem.
Sophisticated Attack: The Bybit hack involved the loss of approximately $1.4 billion in Ethereum, executed through a compromised multisig cold wallet system.
Robust Security Protocols: Bybit employs a three-wallet system (cold, warm, hot) to enhance security, alongside regular security drills and protocols.
Immediate and Transparent Response: Bybit's swift activation of emergency protocols, transparent communication via live streams, and public statements were pivotal in managing the crisis.
Industry Support: The crypto community rallied to support Bybit, providing bridge loans and forensic assistance, showcasing solidarity within the industry.
Legal and Recovery Efforts: Collaboration with law enforcement agencies like the Singapore Police and Interpol, along with blockchain analysis firms like Chainalysis, are ongoing to recover the stolen funds.
Future Precautions: Bybit is reassessing and fortifying its security infrastructure, considering alternatives to compromised systems and exploring protocol-level solutions to prevent future breaches.
Leadership and Teamwork: Ben's leadership and his team's dedication were instrumental in navigating the crisis, maintaining operational integrity, and preserving user trust.
Unaffected Security Systems:
Ben: "We have lifetime dashboard updates... We can precisely know the next five minutes, ten minutes where the withdrawal limit is going to happen." [26:28]
Masterclass in Crisis Management:
Ran: "Someone actually wrote a tweet about... a masterclass in crisis management." [47:02]
Industry Unity:
Miguel (Arkham): "Competitors actually make each other better... we need to work together to face this." [58:24]
Future of Blockchain Security:
Ben: "We need a better way to track and confiscate these funds... transparency and communication are the best way to solve a crisis like this." [57:23]
This episode provides an in-depth, real-time account of one of the most significant hacks in cryptocurrency history. Ben's transparent and methodical approach offers valuable insights into effective crisis management, the importance of robust security protocols, and the power of industry collaboration. Listeners gain a comprehensive understanding of the complexities involved in handling such a monumental breach and the resilience required to restore trust and stability in the crypto ecosystem.