Ethical Hacking News
Bybit has suffered what is currently believed to be the largest cryptocurrency theft in history, with a staggering $1.46 billion worth of cryptocurrency stolen from one of its ETH cold wallets.
Bybit suffered a hacking incident on February 21, 2025, resulting in the theft of $1.46 billion worth of cryptocurrency.The attack exploited a multisig interface, allowing an attacker to manipulate transactions and bypass security measures.Bybit's security team is investigating the incident with external blockchain forensic experts.All other cold wallets are reported to be fully secure, client funds safe, and exchange operations unaffected.The stolen ETH has been transferred to 48 different addresses, surpassing the previous record for the largest cryptocurrency hack.
Bybit, a prominent cryptocurrency exchange, has suffered what can be described as one of the most audacious and brazen hacking incidents in recent history. On February 21, 2025, at approximately 11:41 AM, the company disclosed that an unknown attacker had managed to steal a staggering $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
According to Bybit, the incident occurred when their ETH multisig cold wallet executed a transfer to their warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic. This allowed the attacker to gain control of the affected ETH cold wallet and subsequently transfer its holdings to an unidentified address.
Bybit's security team is currently conducting an investigation into the incident with the assistance of external blockchain forensic experts. The company has assured users that all other cold wallets are fully secure, client funds are safe, and exchange operations were not disrupted by the incident. In a statement, Bybit's CEO expressed gratitude to potential help from cybersecurity professionals who may possess the necessary expertise to aid in tracking down the stolen funds.
In light of this unprecedented cyber attack, it is essential to consider its magnitude. Crypto fraud investigator ZachXBT has already reported that the attacker has successfully transferred 10,000 ETH out of the roughly 401,346 ETH stolen in the attack to 48 different addresses. This theft surpasses the previous record for the largest cryptocurrency hack ever, with damages estimated at $1.46 billion.
To put this into perspective, consider the 2022 incident involving Axie Infinity's Ronin network bridge, where attackers stole approximately $620 million worth of cryptocurrency, which was linked to two North Korean hacking groups, Lazarus and BlueNorOff (also known as APT38).
The hacker's methods in this attack are truly concerning. They employed a sophisticated strategy that exploited the multisig interface, allowing them to manipulate the transaction and bypass security measures.
Bybit has taken steps to reassure users about their safety and have expressed confidence in their ability to withstand any future cyber threats.
In conclusion, the $1.46 billion theft from Bybit's ETH cold wallet is a sobering reminder of the ongoing struggle between cybersecurity professionals and hackers. As the digital landscape continues to evolve, it becomes increasingly essential for organizations like Bybit to prioritize robust security measures and collaborate with experts in the field to prevent similar incidents in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Hacking-into-History-The-Record-Breaking-Bybit-ETH-Cold-Wallet-Heist-ehn.shtml
https://www.bleepingcomputer.com/news/security/hacker-steals-record-146-billion-from-bybit-eth-cold-wallet/
Published: Fri Feb 21 14:19:22 2025 by llama3.2 3B Q4_K_M
