#bybit latest information on the Bybit hacker attack
What happened? Date: February 21, 2025. Target: A
cold wallet of Ethereum from Bybit, one of the
largest cryptocurrency exchanges in the world. Loss:
Approximately 401,346 ETH were transferred to an
unknown address, equivalent to about $1.13 to
$1.46 billion, depending on the exchange rate at the time. Method: The attack was highly sophisticated.
According to Ben Zhou, CEO of Bybit, the hackers manipulated a transaction during the transfer of funds from a
multisig cold wallet to a hot wallet. They
used a technique known as "UI spoofing" or "interface phishing," where the signature interface displayed false information, deceiving those responsible for authorization.
After the theft, the assets were quickly distributed to
multiple addresses (about 39 to 53 wallets, according to
different sources) and part was converted into stETH and mETH,
being liquidated on decentralized exchanges. It is estimated
that $200 million was sold shortly after the attack.
Solvency: Zhou assured that Bybit remains solvent,
with 1:1 reserves for customer assets, and that the
exchange has resources in the treasury to cover the loss, even
if the funds are not recovered.
Ethereum dropped about 4% after the attack, trading at approximately $2,727, while Bitcoin fell nearly 4.5%, to around $95,009.
Historical context:
This incident surpasses other major hacks in the crypto sector.
Mt. Gox (2014): $470 million.
CoinCheck (2018): $530 million.
Ronin Bridge (2022): $650 million.
