The crypto market has been shaken by one of the biggest exchange hacks in recent history, with Bybit suffering a $1.46 billion loss from its ETH cold wallet.
How the Attack Unfolded?
The exploit was first flagged by on-chain investigator ZachXBT at 19:20 UAE time, who detected suspicious outflows from Bybit. Within minutes, the attacker began swapping stolen mETH and stETH for ETH across decentralized exchanges, attempting to cover their tracks. At 20:00, ZachXBT reported that 10,000 ETH had been split across 39 different addresses, calling on exchanges to immediately blacklist these wallets to prevent further movement of funds. Bybit later revealed that the attack was not a direct breach of private keys but rather a smart contract manipulation. The hacker masked the transaction UI, deceiving Bybit’s signers into approving a contract logic change instead of a routine transfer, allowing them to seize control of the ETH cold wallet and siphon out the funds unnoticed.
Market Reactions and Security Concerns
The news of the Bybit hack sent immediate ripples through the market, with ETH volatility increasing as liquidity providers adjusted risk exposure. While Bybit’s BTC and stablecoin reserves remain untouched, the breach raises serious concerns about the security of smart contract-based wallet systems on centralized exchanges. Zhou highlighted that such an exploit would not have been possible on Bitcoin, as BTC transactions do not rely on programmable smart contracts. He further reassured users that Bybit is working with global law enforcement agencies to track the stolen funds and bring those responsible to justice.
What Happens Next?
Bybit, having an in-principle approval from VARA in Dubai, has launched a full-scale security review, isolating the affected wallet to prevent further losses. The exchange has also engaged with leading blockchain forensics firms to track and recover the stolen ETH. Meanwhile, market makers are actively working to stabilize ETH trading, ensuring minimal disruption to users. With one of the biggest exchange hacks now under investigation, the broader crypto industry is watching closely. Bybit’s next steps will be critical in determining the impact and whether any funds can be recovered.
The situation with the Bybit attack highlights the vulnerability of smart contracts on crypto exchanges and underscores the need for enhanced security measures. The market will continue to monitor developments and steps taken to prevent similar incidents in the future.
