Bybit Suffers Massive $1.4 Billion Hack

Bybit Suffers Massive $1.4 Billion Hack

Bybit Confirms $1.4 Billion Ethereum Cold Wallet Hack, Withdrawals Remain Operational

Bybit CEO Ben Zhou has confirmed that the exchange’s Ethereum (ETH) cold wallet was compromised, leading to a loss of $1.4 billion in ETH and other tokens. The incident involved a sophisticated attack in which roughly $200 million worth of stETH was swapped for ETH on the open market.

How the Attack Happened

According to Zhou, the hack involved a “musked” transaction, a method using advanced phishing and spoofing techniques. The attackers displayed a fake but visually identical UI to the signers, tricking them into approving transactions under the impression that they were interacting with a legitimate interface.

The hacker used the deceptive signing message to alter the smart contract logic of Bybit’s ETH cold wallet, ultimately gaining control over the wallet and transferring the funds to an unidentified address.

Bybit Ensures Continued Operations

Despite the breach, Bybit is still processing withdrawals, and other cold wallets, as well as hot and warm wallets, remain unaffected. Zhou reassured users that withdrawals are operating normally, and the exchange will maintain full solvency even if the lost funds are not recovered.

Binance CEO Weighs In

Binance CEO Changpeng Zhao has advised Bybit to temporarily halt withdrawals as a precautionary security measure while offering assistance in addressing the attack.

"Not an easy situation to deal with. Might suggest halting all withdrawals for a bit as a standard security precaution. Will provide any assistance if needed," Zhao said.

Market Impact

Following the news, Ethereum (ETH) prices dropped nearly 3%, as investors reacted to concerns over exchange security.