The globally renowned cryptocurrency exchange Bybit has suffered the largest hack in history. According to data from blockchain analysis company Elliptic, the attack resulted in the theft of nearly $1.5 billion, surpassing the $611 million stolen from Poly Network in 2021 and making it the largest theft in the history of the cryptocurrency industry. The incident not only caused significant economic losses to Bybit and its users but also shook the entire cryptocurrency market, posing severe challenges to the security and trust systems of the cryptocurrency industry.
I. Incident Overview and Stolen Fund Details
The attack occurred on an offline Ethereum wallet of Bybit. Blockchain analyst ZachXBT posted on Telegram that hackers transferred approximately $1.46 billion in assets from the wallet through a series of suspicious transactions. Research firm Arkham Intelligence also confirmed that around $1.4 billion had flowed out of the exchange and posted on platform X that these funds had begun to be transferred to new addresses and were being sold.
Beosin Trace detected that the stolen funds included 401,347 ETH, valued at $1.12 billion; 90,376 stETH, valued at $253.16 million; 15,000 cmETH, valued at $44.13 million; and 8,000 mETH, valued at $23 million. Currently, the funds are grouped into batches of 10,000 ETH and deposited in over 40 Ethereum addresses. All hacker addresses have been added to the Beosin KYT label database, and Beosin KYT will issue alerts for any fund transfers involving these hacker addresses.
II. Analysis of the Attack Method
The Beosin security team analyzed the attack method in this incident and found it similar to the one used against WazirX. Both attacks used front-end UI deception to get the multi-signature wallet's signers to sign malicious content, which altered the logic implementation of the multi-signature wallet contract and allowed the funds to be transferred out. This method exploits human weaknesses and vulnerabilities in the multi-signature mechanism rather than relying on traditional password cracking or private key theft, making it highly covert and deceptive. Hackers used a forged Safe{Wallet} interface to show five signers the 'correct address' during the multi-signature process, while the code actually signed was malicious and directly altered control of the smart contract to achieve the fund transfer.
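A defensive counterpart to the UI deception described above is to review the raw payload independently of the front end before signing. The following is an added example, not code from Beosin, Bybit or Safe: the field names follow Safe's `execTransaction` parameters (`to`, `value`, `data`, `operation`), while the policy, the allowlist and every address are constructed assumptions.

```python
# Added example: independent pre-signing review of a Safe-style multisig payload.
# Field names follow Safe's execTransaction (to, value, data, operation); the
# policy, allowlist and all addresses below are constructed for illustration.
CALL, DELEGATECALL = 0, 1
ERC20_TRANSFER = "a9059cbb"  # selector of transfer(address,uint256)

def decode_transfer(data_hex):
    """Return (recipient, amount) if data is an ERC-20 transfer call, else None."""
    d = data_hex.lower()
    d = d[2:] if d.startswith("0x") else d
    if len(d) != 8 + 128 or d[:8] != ERC20_TRANSFER:
        return None
    return "0x" + d[32:72], int(d[72:], 16)

def review_payload(shown, payload, delegatecall_allowlist=frozenset()):
    """List mismatches between what the UI showed and the raw payload to sign."""
    findings = []
    to = payload["to"].lower()
    if payload["operation"] not in (CALL, DELEGATECALL):
        findings.append("unknown operation value")
    if payload["operation"] == DELEGATECALL and to not in delegatecall_allowlist:
        # delegatecall runs the target's code against the wallet's own storage,
        # so it can replace the wallet's logic implementation.
        findings.append("delegatecall to non-allowlisted contract")
    transfer = decode_transfer(payload["data"])
    if transfer:  # token transfer: 'to' is the token contract, not the payee
        recipient, amount = transfer
    else:
        recipient, amount = to, payload["value"]
        if payload["data"] not in ("", "0x"):
            findings.append("calldata is not a plain transfer")
    if recipient != shown["recipient"].lower():
        findings.append("recipient differs from what the UI displayed")
    if amount != shown["amount"]:
        findings.append("amount differs from what the UI displayed")
    return findings

# Constructed sample data (not taken from the incident).
WARM, OTHER, TOKEN = ("0x" + b * 20 for b in ("aa", "bb", "cc"))
shown = {"recipient": WARM, "amount": 10}
honest = {"to": WARM, "value": 10, "data": "0x", "operation": CALL}
token_data = "0x" + ERC20_TRANSFER + WARM[2:].rjust(64, "0") + format(10, "064x")
token_ok = {"to": TOKEN, "value": 0, "data": token_data, "operation": CALL}
mismatch = {"to": OTHER, "value": 0, "data": "0x12345678", "operation": DELEGATECALL}

if __name__ == "__main__":
    for name, p in (("honest", honest), ("token_ok", token_ok), ("mismatch", mismatch)):
        print(name, review_payload(shown, p))
```

The check only helps if it runs on a device and code path separate from the front end that rendered the transaction, since a compromised UI can misreport its own payload.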
III. Impact of the Incident
1. Impact on Bybit Exchange: This theft incident has caused significant damage to Bybit's reputation. User trust in the exchange has greatly declined, potentially leading to a large loss of users. To address customer concerns, Bybit's CEO Ben Zhou conducted a live stream, emphasizing the security of the exchange's funds and revealing that the platform had applied for bridge loans with partners, raising about 80% of the funds to cover losses. At the same time, Bybit will attempt to recover the funds and take necessary legal action against the hackers. However, it remains to be seen whether these measures can fully restore user trust and the exchange's reputation.
2. Impact on the Cryptocurrency Market: Once the Bybit theft incident was exposed, it triggered significant fluctuations in the cryptocurrency market. The price of Ether dropped by 6.7% at one point that day, and Bitcoin fell nearly 3% from its high for the day. Moreover, the widely favored 'synthetic dollar' token USDe also experienced a brief loss of its peg with the dollar, dropping to $0.98. This indicates that the cryptocurrency market is highly sensitive to exchange security incidents; once a major security accident occurs, it can easily trigger market panic and undermine investor confidence.
IV. Industry Reflection and Insights
1. Importance of Security Technology and Management: Although the cryptocurrency industry has been emphasizing the security of technology, the Bybit incident shows that even exchanges that have adopted advanced security technologies such as cold and hot isolation and multi-signatures still face the risk of being attacked. This highlights the need for exchanges to not only continuously upgrade security technology but also strengthen security management and risk control. For example, exchanges can enhance employee security training to improve awareness of phishing and social engineering attacks, and establish a comprehensive security audit mechanism to regularly check systems for security issues and vulnerabilities.
2. Responsibility for User Asset Protection: As custodians of user assets, exchanges bear the important responsibility of ensuring the security of user assets. In the face of hacking attacks and other security incidents, exchanges should take timely measures, such as freezing accounts and tracking fund flows, to minimize user losses. At the same time, exchanges should also consider providing asset insurance and other services to enhance user trust in the platform.
3. Necessity of Industry Regulation: The rapid development of the cryptocurrency market contrasts sharply with the relative lag of regulation. This large-scale theft incident once again highlights the urgency of strengthening industry regulation. Regulatory agencies need to formulate stricter regulatory rules, standardize the operational behavior of exchanges, raise industry entry thresholds, and enhance security reviews and supervision of exchanges to protect the legitimate rights and interests of investors and maintain stable and healthy market development.
The Bybit exchange fund theft incident has sounded the alarm for the entire cryptocurrency industry. In the pursuit of innovation and development, security issues cannot be overlooked. Only through multi-faceted efforts such as enhancing technical security, improving management mechanisms, and strengthening industry regulation can similar incidents be effectively prevented, promoting the sustainable development of the cryptocurrency industry.