Bybit Hit By Historic $1.4 Billion Ethereum Hack

Bybit, a prominent cryptocurrency exchange, has confirmed a staggering $1.4 billion hack targeting its Ethereum cold wallet, marking one of the largest security breaches in the history of digital assets. The attack exploited vulnerabilities in the exchange's multisig wallet, leading to significant losses and raising alarms across the crypto community.

Key Takeaways

• Bybit lost approximately 401,347 ETH, 90,376 stETH, 15,000 cmETH, and 8,000 mETH, totaling around $1.4 billion.

• The breach was executed through a sophisticated manipulation of the wallet's interface, tricking signers into approving a fraudulent transaction.

• Despite the hack, Bybit assures users that other wallets remain secure and that the exchange is solvent.

Overview Of The Attack

The breach occurred on February 21, 2025, when Bybit's CEO, Ben Zhou, revealed that hackers had successfully manipulated the exchange's Ethereum cold wallet. The attackers used a technique known as a "masked transaction," which displayed a legitimate-looking interface, leading the security team to authorize a malicious smart contract update.

Zhou explained, "It appears that this specific transaction was masked. All the signers saw the masked UI, which showed the correct address, and the URL was from Safe. However, the signing message was to change the smart contract logic of our ETH cold wallet."

Impact On The Crypto Market

The hack sent shockwaves through the cryptocurrency market, resulting in mass liquidations among Ethereum futures traders. Within hours, approximately $76 million in liquidations occurred, with a total of 183,176 traders affected, leading to a significant drop in Ethereum's price.

• Ethereum Price Drop: Ethereum's value fell nearly 5% within an hour, trading at around $2,727.

• Liquidation Statistics: Total liquidations reached $499.23 million, highlighting the panic among traders.

Bybit's Response

In the aftermath of the attack, Bybit has taken several steps to reassure its users:

• Security Measures: The exchange is collaborating with blockchain forensic experts to trace the stolen assets and recover funds.

• User Assurance: Zhou emphasized that all other wallets, including hot and warm wallets, remain secure, and withdrawals are functioning normally.

• Financial Stability: Bybit has stated that it can cover the losses incurred from the hack, ensuring users that their funds are safe.

Future Implications

This incident underscores the increasing sophistication of cyber threats targeting cryptocurrency exchanges. As the industry continues to grow, the need for robust security measures becomes paramount. Bybit's experience serves as a cautionary tale for other exchanges and investors alike, highlighting the vulnerabilities that can exist even in seemingly secure systems.

As the investigation unfolds, the crypto community remains vigilant, with many calling for enhanced security protocols and greater transparency in the industry. The incident not only raises questions about Bybit's security practices but also about the overall safety of digital assets in an increasingly digital world.

Sources

• Bybit Founder Confirms $1.4 Billion Ethereum Hack, Blames 'Masked' Transaction - Benzinga, Benzinga.

• ByBit suffers $1.5 billion Ethereum heist in cold wallet breach, CryptoSlate.

• BREAKING: Bybit’s Ethereum Cold Wallet Hacked in $1.46B Breach—One of the Largest Ever | Coinspeaker, Coinspeaker.

• Bybit hit with $1.4 billion hack targeting its Ethereum cold wallet, Crypto Briefing.

• Crypto hit by largest hack ever as Bybit loses $1.4 billion – Ethereum traders liquidated - TheStreet Crypto: Bitcoin and cryptocurrency news, advice, analysis and more, TheStreet.