Global blockchain supervision and query platform

English
Download
Home Exchange Project Token Review News Market Field Survey WikiEXPO Education Forum Live Big Data Announcement Calendar Newsletter Community
Your Location:   Home >
News >
Main body

Bybits ETH cold wallet exploited for $1.46b

Bybits ETH cold wallet exploited for $1.46b WikiBit 2025-02-22 06:47

Bybit confirmed that its multi-sig cold wallet was breached, just hours after the crypto exchange increased access to liquidation data for transparency.

Bybit confirmed that its multi-sig cold wallet was breached, just hours after the crypto exchange increased access to liquidation data for transparency.

Bybit CEO Ben Zhou stated that hackers infiltrated the exchanges (ETH) multi-signature cold wallet, draining nearly $1.5 billion in crypto. The breach was first flagged by renowned on-chain sleuth ZachXBT, who alerted the public to suspicious withdrawals from Bybit.

Companies use multi-signature wallets to mitigate single points of failure, as multiple parties must approve a transaction. If one signer is compromised, the others can refuse to authorize fund transfers. However, in this case, the hackers managed to deceive all signers.

According to Zhou, the attackers masked a transaction to mislead the wallet‘s signers. While the team believed they were approving a legitimate address, they were unknowingly authorizing changes to the smart contract managing Bybit’s ETH cold wallet.

This allowed the hackers to withdraw all Ether and Ether derivatives from Bybits wallet to an unknown address. The perpetrators then began swapping the stolen funds for Ethereum tokens on decentralized exchanges, ZachXBT reported.

ZachXBT also noted that the hackers split the stolen assets across multiple addresses to evade tracking. The blockchain investigator published a list of these addresses on his official Telegram channel, urging exchanges to blacklist them.

Meanwhile, Zhou assured users that the breach was isolated to Bybits Ethereum cold wallet.

“Please rest assured that all other cold wallets are secure. All withdrawals are NORMAL,” Zhou added.

The attack on Feb. 21 may be the largest-ever exploit against a single crypto exchange. At $1.46 billion, the amount stolen accounts for more than 50% of the total crypto value siphoned in 2024.

Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago. It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe . However the signing message was to change…

Disclaimer:

The views in this article only represent the author's personal views, and do not constitute investment advice on this platform. This platform does not guarantee the accuracy, completeness and timeliness of the information in the article, and will not be liable for any loss caused by the use of or reliance on the information in the article.

Related exchange
FUND
FUND
Reputation Ratings
Unification
THE
THE
Reputation Ratings
The Protocol | 2-5 years
SMART
SMART
Reputation Ratings
SMART | 2-5 years
CHAIN
CHAIN
Reputation Ratings
Chain Games
ONE
ONE
Reputation Ratings
Harmony | 5-10 years
ETH
Deluxe
ETH
Reputation Ratings
Deluxe | Ethereum | 10-15 years
FOR
FOR
Reputation Ratings
ForTube
DATA
DATA
Reputation Ratings
Streamr | 5-10 years

WikiBit Exchange

  • Crypto token price conversion
  • Exchange rate conversion
  • Calculation for foreign exchange purchasing
/
PC(S)
Current Rate
Available

0.00

You may also like