ByBit Hacked For $1.5B+ Worth Of Damages
Cryptocurrency Exchange ByBit has been hacked for more than $1.5B (1.5 BILLION DOLLARS)
Cryptocurrency Exchange ByBit has been hacked for more than $1.5B (1.5 BILLION DOLLARS)
darwizzynft
Share
ByBit has been hacked.
ByBit CEO, Ben Zhou, has confirmed that the Cryptocurrency exchange has been hacked by a “signing message to change smart contract logic of ETH cold wallet”.
Current damage is worth upwards of $1,500,000,000 (1.5 BILLION DOLLARS).
The official ByBit X account has since posted details on the incident.
Here’s everything we know so far:
- The hack occured when one of ByBit’s ETH multisig cold wallets executed a transfer to their warm wallet
- The transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic
- As a result, the hacker was able to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address
- WazirX, indian exchange got hacked for $234.9M worth of Crypto assets the same way on the 18th July 2024
According to 0xCygaar, the hacker was able to attack each signer’s device to make the multisig UI show something different to what was actually signed, tricking the multisig to sign the funds away. This would have required the hacker to identify who each of the multisig signers are, and then getting them to unknowingly install malware, compromising the multisig UI.
Ben Zhou has reassured ByBit users that ByBit Hot wallet, Warm wallet, and all other cold wallets are secure. The only cold wallet that was hacked was ETH cold wallet. All other withdraws are normal.
Onchain investigations
Per ZachXBT, the hacker split 10,000 ETH to 48 addresses.
mETH and stETH is currently being swapped on DEXs for ETH.
What happens next?
ByBit’s security team alongside blockchain forensic experts are actively investigating the incident, with more details coming out as we speak.
The CEO has stated that ByBit is solvent even if the funds lost aren’t recovered, claiming that all client assets are 1 to 1 back, meaning ByBit can cover the loss.
ByBit appears to be processing withdrawals as normal after the hack, with $20B+ worth of assets on the platform and ByBit’s cold wallets untouched.
Ben Zhou will start a live stream soon on X to answer any questions.
Follow @tryPluid on X to keep up with further developments on the ByBit hack.
Disclaimer: The information provided in this article is NOT financial advice and has ONLY been presented for informational and educational purposes.
Recommended by Pluid
News
by Nattynatman
News
Feb 10, 2025
News
by darwizzynft
News
Feb 17, 2025
