Bybit Ethereum Hack: Millions Stolen in Cold Wallet Exploit — What You Need to Know
Bybit ETH cold wallet hack: Trading platform suffers a sustained security attack.
On February 21, 2025, Bybit CEO Ben Zhou revealed a serious security flaw in the exchange’s Ethereum (ETH) multisig cold wallet. The hackers made way with quite an amount after manipulating the smart contract logic to sweep away all ETH stored in a certain cold wallet into an unknown address. This occurrence has spread fears in the crypto community, despite Bybit’s insistence that other cold wallets are safe and the withdrawals are up and running Else?
Bybit’s security team discovers[] an unusual transfer of ETH from a multisig cold wallet to a warm wallet. The signers appear to have verified the transaction on a seemingly legitimate user interface, and everything seems to be in order at first. The masked UI presented the correct address, and the correct URL from @safert, a well-respected smart contract security platform.
However, attackers exploited a vulnerability by altering the signing message and thereby eventually changing the smart contract execution logic. In essence, this led to unauthorized access and control over the cold wallet and enabled the hackers to withdraw all ETH to an unknown address.
Hacker Incident Main Ethics:
Bybit’s ETH multisig cold wallet has been compromised. Attack method: Attackers fixed the smart contract; users’ UI was tampered with. Cold wallet lost all ETH and sent it to an unknown address. Other funds other than Ethereum. Bybit assures that all other cold wallets are secure.
Withdrawal: Bybit would provide an update some days later, mentioning how business as usual would continue. The breach caused fears on the ground that the cryptocurrency market was shaken as others pondered if even the most advanced storage systems could be breached. Furthermore, the Bybit breach highlights how the security systems that use smart contracts and multisig wallets are broken. Market reaction right after: Ethereum (ETH) price: A minor drop was observed as reports ensued while the investors weighed fears of security threats.
Bybit’s reputation: Investor sentiment plays a role in the exchange’s ongoing operations. Security concerns are being raised among investors about putting more focus on cold storage solutions via smart contracts. The next stage? Bybit’s management has stated that it will cooperate with blockchain security teams for a forensic investigation into the breach to identify the stolen coins and retrieve them. They also want help tracking the transaction from external security experts while taking further steps to ensure similar attacks will not happen in the future.
Big points to be on the lookout for: Will Bybit be able to recover the lost ETH? What are they adding to increase security other than that? Will the regulators respond to this breach? The breach serves as a potent reminder to both exchanges and investors that security should take precedence, audits of smart contracts should be conducted constantly, and being wary
of emerging cyber threats should become second nature.
One final thought
For some, the heist of the Bybit ETH cold wallet serves to send a new wave of horror down their spines because it sadly reflects the evolution of crypto-related cybercrime. Despite blockchain technology improving security, it cannot be overemphasized how all these factors reveal loopholes that create faults whenever human validation mechanisms have sold out to manual control. This hack strengthens the call for instituting a newer level of protection and risk management within the crypto-sphere.
As the situation continues to develop, we will keep you appraised every step of the way. If you possess coins on centralized exchanges, it is prudent to take some precautions by utilizing wallet cold storage and also by activating multi-factor authentication.
Do you have a comment on this breach? Add your thoughts in the comments section!
Bybit Ethereum Hack: Millions Stolen in Cold Wallet Exploit — What You Need to Know was originally published in The Capital on Medium, where people are continuing the conversation by highlighting and responding to this story.
from The Capital - Medium https://ift.tt/HXcF81o
0 Comments