Cryptocurrency exchange Bybit has fallen victim to a massive hack, with over $1.4 billion in liquid-staked Ether (ETH), MegaETH (mETH), and various ERC-20 tokens stolen. The breach was initially discovered by onchain security analyst ZachXBT, who flagged the incident shortly after it occurred.
Hack Details: Malicious Code in Multisig Wallet
Following the breach, Bybit’s co-founder and CEO, Ben Zhou, confirmed the hack, revealing that the funds were transferred from the exchange’s multisignature wallet to a warm wallet about an hour before the attack was discovered. According to Zhou, the transaction appeared legitimate at first glance but concealed malicious code designed to alter the smart contract logic, allowing the hackers to siphon off the funds.
Zhou reassured users, saying, “Please rest assured that all other cold wallets are secure. All withdrawals are NORMAL. I will keep you guys posted as more develops.” He also called for assistance in tracking the stolen funds.
Impact on Users and Market Reaction
Despite the hack, Bybit assured users that its cold wallets remained unaffected, and that all customer funds were safe. The exchange confirmed that operations were continuing as usual. Zhou further emphasized that Bybit remains solvent, even if the stolen funds are not recovered, as all client assets are backed 1:1.
However, the hack has had a noticeable effect on the market. The price of Ether (ETH) dropped by over 3% following the confirmation of the breach, as news of the incident spread. This attack marks one of the largest breaches in recent crypto history, raising concerns about the security of crypto exchanges.
