- 22
- 1
- 3
An unknown attacker has stolen over $1.46 billion worth of cryptocurrency from one of the cold wallets of the Bybit cryptocurrency exchange. This is the largest cryptocurrency hack in history, more than doubling the previous record.
The first to notice the strange movement of funds was the well-known blockchain analyst ZachXBT. He drew attention to the fact that $1.46 billion worth of cryptocurrency was withdrawn
from the exchange. The expert soon stated that his own sources confirm that this is a “security incident” and that some mETH and stETH tokens are already being exchanged for ETH through decentralized exchanges. In addition, according to him, 10,000 ETH (about $22 million) were divided between 39 wallets.
Soon, Bybit representatives officially confirmed the fact of the attack.
[td]“The incident occurred when our ETH cold multisig wallet performed a transfer to our warm wallet. Unfortunately, this transaction was rigged with a sophisticated attack that modified the signing interface to display the correct address while changing the smart contract logic,” Bybit wrote. “As a result, the attacker was able to gain control of the affected ETH cold wallet and transfer funds to an unspecified address.”[/td]The cryptocurrency exchange says its security team is currently investigating the incident, with external cyber forensics and blockchain analysts helping them. Bybit is calling on anyone with relevant expertise to help track down the funds.
Bybit says all other cold wallets are secure, customer funds are safe, and the exchange has not been impacted by the incident.
[td]“Please rest assured that all other cold wallets are safe. I will keep you updated. If any team can help us track down the stolen funds, we will be grateful,” Bybit CEO Ben Zhou wrote in X. “Bybit is solvent. Even if the losses from this hack cannot be recovered, all customer assets are protected 1:1, we will be able to cover the losses.”[/td]It is worth noting that a similar attack related to changes in the interface was carried out on the Indian crypto exchange WazirX in the summer of 2024. Then, more than 230 million US dollars were stolen from WazirX. According to experts, North Korean hackers were behind the hack.
Recall that the largest cryptocurrency robbery in history to date was considered to be the attack on Axie Infinity and the Ronin sidechain, which occurred in March 2022. Then hackers stole more than 600 million dollars with the help of just two transactions: 173,600 ETH (worth about 591,242,019 dollars at the exchange rate at the time of the attack) and the USDC stablecoin (worth 25.5 million dollars at the exchange rate at the time of the attack).
The first to notice the strange movement of funds was the well-known blockchain analyst ZachXBT. He drew attention to the fact that $1.46 billion worth of cryptocurrency was withdrawn
from the exchange. The expert soon stated that his own sources confirm that this is a “security incident” and that some mETH and stETH tokens are already being exchanged for ETH through decentralized exchanges. In addition, according to him, 10,000 ETH (about $22 million) were divided between 39 wallets.
Soon, Bybit representatives officially confirmed the fact of the attack.
Bybit says all other cold wallets are secure, customer funds are safe, and the exchange has not been impacted by the incident.
Recall that the largest cryptocurrency robbery in history to date was considered to be the attack on Axie Infinity and the Ronin sidechain, which occurred in March 2022. Then hackers stole more than 600 million dollars with the help of just two transactions: 173,600 ETH (worth about 591,242,019 dollars at the exchange rate at the time of the attack) and the USDC stablecoin (worth 25.5 million dollars at the exchange rate at the time of the attack).