It's also not reassuring that the CEO claims cold wallets are safe and secure, just after losing 1.46B

Cold usually means it needs multiple physical people to sign from offline devices to move it. Hot wallet usually is automated. Here it looks like the «hackers» found a way to trick enough people to sign this transaction

Or the cold wallet was, at best, room temperature.

It could still be cold. "took control of the specific ETH cold wallet" sounds like stealing the physical hardware. Like someone stealing the vault key, or the HDCP master key getting leaked.

Yes. This sounds like a variant of “rubber hose decryption.” “We beat him with a sock full of doorknobs until he gave us the device.”

Perhaps their servers have cryogenic cooling

They could have gotten the recovery phrase off some paper, then imported it wherever. More likely than guessing the pin on a ledger with a short number of tries before wiping.

Yeah this makes no sense whatsoever.

> [The hacker] took control of the specific ETH cold wallet and transferred all the ETH in the cold wallet to this unidentified address.

Did the hacker physically break into their office or what?

Possibly yes

Or some part of their system failed and the key was compromised without them realising it (like the Debian insecure keys debacle or whatever)

The wallet is a smart contract (specifically a gnosis safe), the malicious message they signed transferred ownership of that smart contract wallet to the attacker so they could then do whatever they want with it.