The second-largest cryptocurrency exchange by trading volume, Bybit, has been hacked for $1.4 billion in Ether (ETH) and liquid staking tokens based on ETH, including stETH and mETH.
The security breach was first spotted by popular cryptocurrency sleuth ZachXBT, who pointed out on social media that he was following a “suspicious outflows from Bybit of $1.46B+”
Later, ZachXBT said that sources “confirm it’s a security incident” as blockchain data showed the funds taken from Bybit were moving into various decentralized exchanges, with mETH and stETH being swapped for ETH.
The hacker has since split the funds into 39 different wallet addresses, each with 10,000 ETH in them. ZachXBT has called on exchanges to block the addresses on all Ethereum Virtual Machine (EVM) compatible chains.
Bybit’s CEO Ben Zhou has confirmed the security breach on social media. In a post, Zhou explained that the Bybit ETH multisig cold wallet was making a transaction to its warm wallet when it “was musked,” and that while the deposit address was correct as the signers were approving the transaction, things didn’t go as planned.
“However the signing message was to change the smart contract logic of our ETH cold wallet. This resulted Hacker took control of the specific ETH cold wallet we signed and transfered all ETH in the cold wallet to this unidentified address. Please rest assured that all other cold wallets are secure,” Zhou wrote.
Bybit CEO Reassures Crypto Community
In subsequent posts on social media, Zhou said that the exchange “is solvent even if this hack loss is not recovered,” adding that all clients’ assets are “1 to 1 backed, we can cover the loss.”
Zhou added that the company’s “hot wallet, warm wallet and all other cold wallets are fine” and that only one cold wallet was hacked.
So far, withdrawals off of Bybit appear to be processed normally, with Arkham Intelligence data showing significant amounts of withdrawals.
