Bybit hit by biggest-ever heist as hackers swipe $1.5bn: ‘This will happen again’

Bybit hit by biggest-ever heist as hackers swipe $1.5bn: ‘This will happen again’
DeFi
Bybit has just suffered one of the crypto industry's largest hacks. Credit: Photo by Jakub
By
Liam Kelly
21 February 2025 at 16:22

Bybit, the market’s third-largest crypto exchange, has just been hacked for nearly $1.5 billion in Ethereum on Friday.

Onchain activity shows the hacker has been selling the stolen funds for the past hour.

“Please rest assured that all other cold wallets are secure. All withdraws are NORMAL,” Ben Zhou, CEO of Bybit said.

The hacker gained access to Ether in the exchange’s cold wallet — a secure, offline storage device for holding cryptocurrencies — and sent funds to an unidentified address.

“Bybit ‘s ETH multisig cold wallet was compromised through a deceptive transaction that tricked signers into unknowingly approving a malicious smart contract logic change,” Meir Dolev, co-founder and CTO of CyVers, told DL News.

In a later statement, Zhou said, “Bybit is solvent even if this hack loss is not recovered. All of clients assets are 1 to 1 backed. We can cover the loss.”

Prior to today’s Bybit hack, the largest hack in the crypto industry was the Ronin Network exploit on March 23, 2022, which resulted in a $600 million loss.

Bybit did not immediately respond to additional requests for comment.

‘This will happen again and again’

Taylor Monahan, the lead security researcher at the crypto wallet MetaMask, warned that the threat that felled Bybit was the same as that of many other high-profile attacks.

“No one is prepared for the attack vector,” she told DL News. “This will happen again and again and again.”

Monahan pointed to attacks on India-based crypto exchange WazirX, decentralised autonomous organisation Radiant Capital, and Japan-based crypto exchange DMM Bitcoin, followed a similar pattern.

WazirX was hacked for $235 million in July 2024, Radiant was hacked for $50 million in October 2024, and DMM Bitcoin was made $308 million lighter in December 2024.

In each instance, the attackers could get around security measures to reimplement a version of each project’s crypto wallet, but the wallet interface appeared the same to the original owners.

“You can’t see it,” Monahan said. “It fucking fakes the goddamn frontend.”

Liam Kelly is a Berlin-based reporter for DL News. Got a tip? Email him at liam@dlnews.com.