THE BIGGEST-EVER BYBIT $1.4B HACK: WHAT WE KNOW SO FAR
- In a devastating security breach, Bybit, one of the largest crypto exchanges, lost nearly $1.4 billion worth of digital assets to hackers on Feb. 21.
- This incident marks the biggest hack in cryptocurrency history, surpassing the infamous Ronin Bridge ($625M) and FTX ($477M) breaches.
WHAT HAPPENED? THE TIMELINE OF THE ATTACK
- The hack targeted Bybit’s cold wallet, an offline storage system meant to be immune to cyberattacks.
- The breach was discovered when suspicious outflows of over 270,000 $ETH ($945M) were detected from the exchange’s reserves.
- Additional Bitcoin ($BTC), $USDT, and other assets were siphoned off, pushing total losses to $1.4 billion.
- The stolen funds were rapidly moved across multiple wallets and dispersed through decentralized exchanges (DEXs) and mixing services to obscure their origins.
- Within hours, Bybit confirmed the hack, assuring users that the attack was limited to one wallet and that withdrawals remained functional.
HOW DID THE HACKERS EXECUTE THE BREACH?
Security analysts from Elliptic, PeckShield, and Arkham Intelligence uncovered key details:
- The hackers exploited vulnerabilities in Bybit’s multi-signature cold wallet setup—a mechanism that requires multiple private key holders to authorize transactions.
- Further analysis suggests either a supply chain attack, compromised credentials, or an insider threat.
- The Lazarus Group, notorious for stealing over $3 billion in crypto, is suspected of orchestrating this attack.
- The hacker’s wallet addresses matched patterns from Lazarus’s earlier heists, where funds were quickly laundered using Tornado Cash, Railgun, and cross-chain bridges.
IMMEDIATE AFTERMATH: $5.5B WITHDRAWN BY USERS
- Following the attack, panic spread among Bybit users, leading to $5.5 billion in withdrawals in under 48 hours.
- Fears of insolvency and collapse, similar to FTX, led to a bank run, causing Bybit’s total value locked (TVL) to plummet by 60%.
- CEO Ben Zhou reassured customers, stating Bybit remains fully operational and solvent, with over $20 billion in reserves.
- However, leading crypto firms stepped up to support Bybit, signaling industry-wide solidarity:
1. Binance & Bitget: Deposited 40,000 $ETH & 50,000 $ETH, respectively, to boost liquidity.
2. HTX (Huobi): Co-founder Du Jun personally pledged 10,000 ETH.
3. Tether ($USDT): Froze $181,000 in stolen funds, preventing some liquidation.
4. OKX & KuCoin: Offered logistical and security assistance for Bybit’s investigation.
BYBIT’S RESPONSE: SECURITY OVERHAUL & $140M BOUNTY
- Bybit launched an internal security audit, collaborating with Interpol, Singaporean authorities, and blockchain forensics firms to track the stolen funds.
- A $140M bounty (10% of the stolen funds) was announced for information leading to fund recovery or hacker identification.
- The exchange is revamping its cold wallet architecture, focusing on enhanced multi-sig security and real-time monitoring.
- Bybit is still operational, but regulatory scrutiny will likely intensify, especially in Singapore, where its HQ is located.
- Authorities worldwide, including the FBI and Chainalysis, are tracking the stolen funds.
- In the meantime, Bybit CEO Ben Zhou has confirmed his cryptocurrency exchange has fully replaced the $1.4 billion in Ether stolen on Feb. 21.