Zinger Key Points
- The breach resulted in the theft of 401,347 ETH, 90,376 stETH, 15,000 cmETH, and 8,000 mETH, later transferred to unknown wallets.
- Zhou said hackers exploited Bybit’s multisig wallet, deceiving signers into approving a fraudulent smart contract update.
- Get two weeks of free access to pro-level trading tools, including news alerts, scanners, and real-time market insights.
Bybit founder Ben Zhou has confirmed that the cryptocurrency exchange suffered a $1.4 billion Ethereum ETH/USD hack, making it one of the largest security breaches in recent history.
The attack, which targeted Bybit's Ethereum cold wallet, resulted in the loss of 401,347 ETH ($1.12 billion), 90,376 stETH ($253 million), 15,000 cmETH ($44 million), and 8,000 mETH ($23 million), according to Onchain Lens.
Bybit's Security Breach Explained
According to Zhou, the attack stemmed from a manipulation of Bybit's multisig wallet interface, tricking signers into unknowingly approving a fraudulent smart contract update.
"It appears that this specific transaction was masked. All the signers saw the masked UI, which showed the correct address, and the URL was from Safe," Zhou stated. "However, the signing message was to change the smart contract logic of our ETH cold wallet."
Bybit's team mistakenly authorized a contract modification, allowing attackers to take full control of the cold wallet and transfer all funds to an unknown address.
Impact And Response
Despite the breach, Zhou assured users that other cold wallets remain secure and that withdrawals are operating as normal. However, the massive transfer of stolen funds to external wallets has raised concerns about potential laundering through decentralized finance (DeFi) platforms or privacy-focused mixers.
“Bybit Hot wallet, Warm wallet and all other cold wallets are fine. The only cold wallet that was hacked was ETH cold wallet. ALL withdraws are NORMAL,” he said.
Bybit is now working with blockchain investigators and cybersecurity teams to trace the stolen assets. "If any team can help us track the stolen funds, it will be appreciated," Zhou said.
In another statement, Zhou reaffirmed users that Bybit is solvent and all losses can be covered if the hack loss is not recovered.
According to blockchain sleuth ZachXBT, the attacker split 10,000 ETH to 39 addresses and asked exchanges or services to blacklist these addresses on all EVM chains.
Also Read: Coinbase CEO Brian Armstrong Says SEC Has Agreed To End ‘Bogus’ Enforcement Case Without Penalties
Why It Matters: Japanese exchange DMM Bitcoin lost 4,502.9 Bitcoin BTC/USD on May 31 last year, valued at roughly $305 million, in what became the largest crypto hack of 2024.
TRM Labs then reported that the breach’s cause was unclear, with potential vectors including stolen private keys or address poisoning.
On September 23, 2023, Hong Kong-based Mixin Network suffered a $200 million loss when hackers breached its cloud service provider’s database, likely compromising private keys.
It was touted to be the biggest crypto exploit of 2023, forcing the platform to halt operations abruptly.
Analysts suspect weak key management as the root cause.
Similarly, Euler Finance, a DeFi protocol, lost $197 million in a flash loan attack exploiting a smart contract vulnerability on March 13, 2023.
According to reports, the hacker manipulated token exchange rates, but unusually, most funds were returned after negotiations, with the attacker keeping a small bounty.
This remains one of DeFi's largest incidents of 2023.
Read Next:
Image: Shutterstock
© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
