Zinger Key Points
- Bybit founder Ben Zhou says the company is enhancing security after hackers exploited Safe multisig flaws to drain Ethereum reserves.
- Bybit is working with major exchanges, cybersecurity firms, and law enforcement to track stolen assets and prevent laundering of funds.
- Get access to your new suite of high-powered trading tools, including real-time stock ratings, insider trades, and government trading signals.
In the aftermath of a $1.4 billion Ethereum ETH/USD heist, cryptocurrency exchange Bybit has launched a recovery bounty program, offering a reward of up to 10% of the recovered funds to ethical cyber and network security experts who actively contribute to retrieving the stolen assets.
This translates to a potential bounty of up to $140 million, making it one of the largest crypto recovery efforts in history.
"Within 24 hours of the event, we were overwhelmed with support from some of the best people and organizations in the industry, and we do not take it for granted. We have shared in a dark moment of crypto history, and we've proven we are better than the malicious actors," said Ben Zhou, co-founder and CEO of Bybit.
The security breach, confirmed by Zhou on Friday evening, resulted in 401,347 ETH ($1.12 billion), 90,376 stETH ($253 million), 15,000 cmETH ($44 million), and 8,000 mETH ($23 million) being stolen from Bybit's Ethereum cold wallet.
The attack was initially suspected to have exploited Safe's multisig wallet infrastructure, misleading Bybit's team into signing a transaction that granted the attacker control over the cold wallet's smart contract logic.
“It was a normal URL. I double-checked. It was the Safe URL from the official Safe website,” Zhou explained in a live stream following the incident.
“The hacker changed that transaction into upgrading or changing the Safe smart contract logic so that he gained control over the entire Ethereum cold wallet.”
Bybit has already received assistance from major exchanges including Binance and MEXC, which are helping monitor and prevent the stolen funds from being laundered.
Zhou expressed gratitude for the industry’s response, saying, “Within 24 hours of the event, we were overwhelmed with support from some of the best people and organizations in the industry.”
Individuals or groups with expertise in blockchain forensics, security analysis, and fund recovery can participate in the bounty program by contacting Bybit via bounty_program@bybit.com.
Despite the scale of the attack, Bybit continues processing withdrawals, securing liquidity through a bridge loan covering 80% of the stolen Ethereum to ensure customers’ funds remain safe.
The company has also emphasized its commitment to improving security infrastructure and preventing similar incidents in the future.
Bybit's full forensic investigation is ongoing, working closely with law enforcement, cybersecurity experts, and Safe's development team to determine whether the attack stemmed from a Safe multisig vulnerability or a broader infrastructure breach.
Image: Shutterstock
© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
