Bybit, a prominent cryptocurrency exchange, fell victim to the largest hack in crypto history, losing roughly $1.4 billion in digital assets. The breach, targeting the exchange’s Ethereum cold wallet, marks a grim milestone, dwarfing the 2014 Mt. Gox hack that saw $470 million in Bitcoin stolen.
The attack leveraged a sophisticated "masked" transaction, a method involving phishing and spoofing. Hackers crafted a fake user interface (UI) that deceived Bybit’s signers into approving a contract change, granting the attacker control over the Ethereum cold wallet.
Blockchain analysts, including ZachXBT and Arkham Intelligence, confirmed the stolen haul: 401,347 ETH ($1.12 billion), 90,376 stETH ($253 million), 15,000 cmETH ($44 million), and 8,000 mETH ($23 million). The precision and scale of the heist underscore the growing ingenuity of cybercriminals targeting crypto platforms.
Bybit Hot wallet, Warm wallet and all other cold wallets are fine. The only cold wallet that was hacked was ETH cold wallet. ALL withdraws are NORMAL.
— Ben Zhou (@benbybit) February 21, 2025
Bybit’s CEO, Ben Zhou, responded swiftly via X, stating, "Bybit is solvent even if this hack loss is not recovered, all of clients' assets are 1 to 1 backed, we can cover the loss."
In a live session, Zhou revealed that 80% of the needed ETH had been secured through a bridge loan, ensuring uninterrupted operations and user withdrawals. While other cold wallets remain secure, the breach has dented Bybit’s reputation, despite its prior success in thwarting $79 million in suspicious withdrawals in 2024 using AI-powered fraud detection.
Bybit detected unauthorized activity involving one of our ETH cold wallets. The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing…
— Bybit (@Bybit_Official) February 21, 2025
The market felt immediate ripples, with Ethereum’s price dipping 3%. This triggered $76 million in futures liquidations over four hours, including $43 million from short positions.
Community reactions ranged from alarm to skepticism, with some labeling the panic as FUD (fear, uncertainty, and doubt). Adding intrigue, the hacker rapidly liquidated $200 million in stETH on decentralized exchanges post-theft—a testament to the attack’s speed and execution.
We have reported the case to the appropriate authorities and we will send an update as soon as we have any further information. We have fortunately worked quickly and extensively with on-chain analytics providers to identify and demix the implicated addresses. These actions will…
— Bybit (@Bybit_Official) February 21, 2025
Bybit is now working with blockchain analytics firms and law enforcement to trace the funds, scattered across over 40 wallets.
Recovery remains uncertain, but the incident serves as a stark reminder: in the fast-evolving world of crypto, robust security isn’t just an option—it’s a necessity.