Bybit founder confirms $1.4 billion $ETH hack

Founder of crypto exchange Bybit, Ben Zhou, confirmed a hack on the exchange on Friday, February 21st.

Attackers drained ETH worth $1.5 billion from the Dubai-based exchange, leaving several users in panic. Bybit founder Zhou explained the cause of the hack in an X post. Zhou noted that the hack happened as the exchange tried to move funds from its cold wallet to an online warm wallet.

Bybit ETH Cold Wallet Compromised in Masked Attack

“Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago. It appears that this specific transaction was musked, all the signers saw the masked UI which showed the correct address, and the URL was from @safe. However, the signing message was to change the smart contract logic of our ETH cold wallet,” Zhou explained.

He continued, “This resulted in a hacker taking control of the specific ETH cold wallet we signed and transferred all ETH in the cold wallet to this unidentified address. Please rest assured that all other cold wallets are secure. All withdrawals are NORMAL.”

Bybit Offered a Positive Response

Zhou later clarified that “Bybit Hot wallet, Warm wallet, and all other cold wallets are fine. The only cold wallet that was hacked was ETH cold wallet.” Bybit also echoed the positive sentiments of its founder in a separate X post.

The exchange wrote, “We want to assure our users and partners that all other Bybit cold wallets remain fully secure. All client funds are safe, and our operations continue as usual without any disruption. Transparency and security remain our top priorities, and we will provide updates asap.”

The attack on Bybit is largely seen as one of the biggest attacks on a crypto exchange. As expected, the event sparked massive reactions from the crypto community, with the likes of CZ offering a helping hand.

Furthermore, most Bybit users entered panic mode, leading to a withdrawal crisis. However, Zhou clarified that Bybit had secured enough to cover the losses even if the funds were not recovered, adding that “all clients’ assets are backed 1:1.”

Despite the challenges, Bybit has successfully managed the situation and stabilized operations.

Is Lazarus behind this?

Several crypto users quickly identified the North Korean group Lazarus as the attacker after the hack. Recall that Lazarus is behind significant hacks on crypto exchanges, including the Ronin bridge hack.

Blockchain intelligence firms Arkham and Elliptic traced the stolen funds to different wallets. Elliptic marked Lazarus Group as the name behind the hack. Experts believe the hack could increase scrutiny on crypto exchanges in the coming days.

Disclaimer

The information discussed by Altcoin Buzz is not financial advice. This is for educational, entertainment and informational purposes only. Any information or strategies are thoughts and opinions relevant to accepted levels of risk tolerance of the writer/reviewers, and their risk tolerance may be different from yours.

We are not responsible for any losses that you may incur as a result of any investments directly or indirectly related to the information provided. Bitcoin and other cryptocurrencies are high-risk investments, so please do your due diligence.

Copyright Altcoin Buzz Pte Ltd.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.