Back to directory

WRITEUP #6600

How Threat Modeling Could Have Prevented the $1.5B Bybit Hack

CVE ResearchPrivilege EscalationAuthentication BypassLogic Flaw

byBenjamin Samuels

Program

Self-managed

Published

Feb 25, 2025

Added to HackDex

Mar 18, 2026

Read Full Writeuphttps://blog.trailofbits.com/2025/02/25/how-threat-modeling-could-have-prevented-the-1.5b-bybit-hack/

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Logic Flaw: I Can Block You from Accessing Your Own Account

Logic BugLogic flaw

Escalating From Reader To Contributor In Azure API Management

Privilege Escalation

Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey

Privilege EscalationLocal Privilege Escalation

Hijacking SQL Server Credentials using Agent Jobs for Domain Privilege Escalation

Privilege Escalation

Built with ❤️ by Shubham Rawat