The Singapore-based cryptocurrency exchange Bybit has fallen prey to a massive hack, resulting in the theft of over $1.4 billion worth of Ethereum and other ERC-20 tokens.
How the Attack Unfolded
The exploit was first detected by on-chain security analyst ZachXBT, who alerted the crypto community to blacklist the hacker’s addresses. Bybit co-founder and CEO Ben Zhou confirmed the breach, stating that the attacker had manipulated the exchange’s multisignature ETH cold wallet through a deceptive transaction. Despite the breach's scale, Bybit has assured users that all non-ETH cold wallets remain secure and that withdrawals are functioning normally.
Market Reaction and Security Concerns
The hack has sent shockwaves through the crypto market, with ETH prices dropping over 3% in response to the news. Analysts have pointed out that approximately 75% of Bybit users’ ETH deposits were stolen, raising concerns about centralized exchange security.
Industry Security Issues
February 2025 has seen a spike in security breaches. Just days before the Bybit hack, Starknet-based money-market protocol ZkLend was exploited for $9.5 million. Additionally, the Solana-based decentralized exchange Jupiter and Eliza Labs founder Shaw Walters suffered social media breaches, where attackers used their accounts to promote scams.
The Bybit hack underscores the importance of strengthening security measures on centralized exchanges. The increasing number of attacks is alarming for the industry, necessitating new solutions to safeguard user funds.
