Bybit Exchange Hacked for $1.4 Billion

Cryptocurrency exchange Bybit has fallen victim to a hack, resulting in the theft of over $1.4 billion in liquid-staked Ethereum, Mantle Staked ETH (mETH), and various ERC-20 tokens.

Onchain security analyst ZachXBT identified the breach shortly after it took place.

In response to the attack, the analyst advised users to blacklist the addresses linked to the hack.

Bybit co-founder and CEO Ben Zhou later confirmed the security breach and shared updates on the situation.

Zhou stated that a transfer occurred from the exchange’s multisignature wallet to a warm wallet approximately an hour before the incident was discovered.

According to the CEO, the transaction was designed to appear legitimate but contained malicious source code that altered the wallet's smart contract logic, allowing funds to be siphoned.

Despite the breach, Zhou reassured users:

“Please rest assured that all other cold wallets are secure. All withdrawals are NORMAL. I will keep you guys posted as more develops. If any team can help us to track the stolen fund will be appreciated.”

This attack comes amid a string of high-profile hacks and security incidents throughout 2024 and early 2025 that have drained funds from multiple crypto exchanges.

“Bybit is Solvent even if this hack loss is not recovered, all of the client’s assets are 1 to 1 backed — we can cover the loss,” Zhou added in a separate post.

The exchange also released a statement on X, assuring customers that its cold wallets "remain fully secure" and that "all client funds are safe, and our operations continue as usual without any disruption."

Following confirmation of the breach, the price of Ether (ETH) declined by more than 3%, as the incident—one of the largest hacks in recent crypto history—sent shockwaves through the market.

The broader crypto industry has seen a rise in hacks and scam-related activity in the early weeks of February 2025.

On February 14, money-market protocol ZkLend, built on Starknet, was exploited for $9.5 million.

Cybersecurity firm Cyvers reported that the attacker bridged the stolen funds to Ethereum and the Railgun protocol in an attempt to launder them.

However, Railgun later returned the funds.

Additionally, on February 5, both Solana-based decentralized exchange Jupiter and former Malaysian Prime Minister Mahathir Mohamad had their social media accounts compromised.

In both cases, the attackers used the breached accounts to promote fraudulent memecoins.

Shaw Walters, founder of Eliza Labs, was also targeted in a recent social media hack.

The attacker took control of Walters' X account and used it to spread scam links.

Despite having two-factor authentication enabled, Walters confirmed that his account was still compromised.

Sources:

https://cointelegraph.com/news/bybit-exchange-hacked

https://t.me/investigations/214

https://x.com/benbybit/status/1892963530422505586

https://etherscan.io/address/0x47666Fab8bd0Ac7003bce3f5C3585383F09486E2

https://x.com/benbybit/status/1892963530422505586

https://x.com/Bybit_Official/status/1892965292931702929