Bybit Hack Investigation Results Reported By SlowMist

Hours
Comments 0 Comments
Blockchain security firm SlowMist has uncovered details of the cyberattack that resulted in a significant Ethereum (ETH) breach at cryptocurrency exchange Bybit.
The Bybit hack, which compromised Bybit’s cold wallet, was executed by manipulating smart contract logic.
Key Takeaways:
– The Bybit hack shares similarities with past attacks on BingX and Phemex, with stolen funds laundered via eXch.
– Hackers stole 401,347 ETH ($1.068 billion) and other assets by manipulating a multi-signature smart contract in Bybit’s cold wallet.

According to SlowMist’s findings, the breach was initiated on February 19, 2025, at 7:15 UTC when attackers deployed a malicious contract. By February 21, 2025, at 14:13 UTC, the perpetrators successfully replaced a legitimate Safe deployment contract with their own, using a multi-signature ownership method.

Bybit Hack Investigation Results Reported By SlowMist

The attack led to the theft of substantial digital assets, including approximately 401,347 ETH (valued at $1.068 billion), 8,000 mETH ($26 million), 90,375 stETH ($260 million), and 15,000 cmETH ($43 million).

SlowMist’s MistTrack analysis linked the hacker’s address to previous breaches involving BingX and Phemex.

The Bybit hacker’s address was linked to the BingX and Phemex incidents
The Bybit hacker’s address was linked to the BingX and Phemex incidents. Source: SlowMist

The stolen funds were reportedly laundered through the eXch platform, where they were converted into Bitcoin, Monero, and other cryptocurrencies to obscure their origins.

SlowMist’s founder has also warned that eXch has a track record of hostility toward security researchers, urging exchanges to enhance risk controls for transactions involving the platform.

In response to the breach, Bybit has reassured users that its other cold wallets remain unaffected and that withdrawals continue without disruption.

The exchange is actively cooperating with law enforcement and regulatory bodies to trace and recover the stolen assets. If recovery efforts prove unsuccessful, Bybit commits to using its treasury reserves to compensate affected users.

Disclaimer: The information on this website is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency markets are volatile, and investing involves risk. Always do your own research and consult a financial advisor.

John Kojo Kumi is a seasoned cryptocurrency and blockchain writer celebrated for his in-depth analysis of emerging startups, tokenomics, and crypto market trends. With a Bachelor of Arts in Geography and Rural Development from Kwame Nkrumah University of Science and Technology, Kumasi, John offers a unique perspective that integrates academic knowledge with industry expertise.

Throughout his career, John has made significant contributions to Crypto News Flash, ZyCrypto, and Coinstaker Media, where he sharpened his skills in crypto journalism and blockchain analysis. Now at Bitcoininfonews.com, he provides comprehensive coverage of cryptocurrencies, DeFi, NFTs, and Web3, equipping readers with the insights needed to navigate the fast-paced blockchain ecosystem. His expertise in content management, SEO, and thorough research makes his work a trusted resource for the global crypto community

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *