Bybit Hack Causes Loss of $1.4 Billion in Ether
Bybit experienced a significant security breach on February 21, 2025, resulting in the theft of approximately 401,346 Ethereum (ETH), valued at around $1.4 billion.
The Bybit hack targeted the company’s multi-signature cold wallet for ETH, marking one of the largest crypto heists in recent history.
| Key Takeaways: – Crypto exchange Bybit suffered a $1.4 billion hack on Feb. 21, 2025, when attackers exploited a fake URL to gain control of its multisig cold wallet. – Bybit assures users that funds remain secure, withdrawals are operational, and forensic experts are tracking the stolen assets. – The Bybit hack joins past major crypto breaches, including Mt. Gox, FTX and WazirX’s $230 million attack in 2024. |
Bybit CEO and co-founder Ben Zhou addressed the incident in a livestream, explaining that the attack occurred during a routine transfer between the exchange’s cold and hot wallets.
Bybit utilizes Safe’s multi-signature wallets for cold storage, and Zhou confirmed he was the last to sign off on the compromised transaction.
The Bybit hack was executed through a deceptive “masked” URL, which tricked the system into authorizing unauthorized access. By altering the contract logic, the attacker was able to gain control of the cold wallet and drain its assets.
Following the attack, the stolen ETH was moved to a new address, with subsequent transfers to other wallets. Bybit has since engaged blockchain forensic experts to track the movement of the stolen funds and mitigate further security risks.
Despite the magnitude of the hack, Bybit has reassured its users that the platform remains solvent and that customer funds are secure. Withdrawals remain operational, a move likely aimed at maintaining user confidence.
However, industry experts, including former Binance CEO Changpeng Zhao, have suggested that temporarily suspending withdrawals could be a precautionary measure.
Smart account infrastructure provider Safe, whose technology is used in Bybit’s cold storage, has stated that there is no evidence of a frontend vulnerability being exploited. Nevertheless, the company has taken precautionary steps, temporarily suspending certain functionalities to protect users.
In response to the attack, Ethena Labs has assured investors that its yield-bearing stablecoin, Ethena USDe (USDe), remains solvent and unaffected by the breach.
The Bybit hack adds to a history of major crypto exchange hacks, joining past breaches such as those affecting Mt. Gox, Coincheck, FTX, and WazirX’s $230 million attack in 2024. With an estimated $16 billion in total assets as of last week, Bybit is working to strengthen security measures and prevent further exploits.
| Disclaimer: The information on this website is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency markets are volatile, and investing involves risk. Always do your own research and consult a financial advisor. |
