On February 21, 2025, cryptocurrency exchange Bybit faced the largest hack in history, with hackers stealing $1.4 billion worth of digital assets.
How the Hack Happened
The attack targeted Bybit’s cold wallet, used to protect users’ assets from online threats. Hackers exploited vulnerabilities during the transfer of Ethereum (ETH) from Bybit’s cold wallet to a warm wallet. They accessed the signing mechanism, altering transaction details. Bybit’s system showed a legitimate address, but the contract logic was tampered with, redirecting funds to the hackers' address.
Immediate Aftermath and Reactions
The scale of the attack caused panic among Bybit users, leading over 350,000 customers to withdraw their assets. Bybit’s CEO, Ben Zhou, assured that all client assets are backed 1:1 and the company is solvent. Bybit secured bridge loans to cover potential losses and ensured that withdrawal requests were honored without delay.
Bybit's Response and Community Support
Bybit has taken steps to recover the stolen funds and strengthen its security. The exchange is collaborating with law enforcement to track the hackers and attempt fund recovery. Bybit offered a $140 million bounty for assistance. The cold wallet architecture is being upgraded to enhance security.
The Bybit hack raises serious concerns about the security of even the most advanced cryptocurrency platforms. Despite robust security measures, hackers managed to breach the system and steal a record-breaking amount, highlighting the need for improved exchange security.
