Yesterday, the cryptocurrency exchange Bybit confirmed that it was hacked. Analysts estimated that the loss was about $1.46 billion. This attack surpassed the $611 million theft of Poly Network in 2021, setting a record for the largest single theft in the history of cryptocurrency, and has aroused widespread concern among users about the security of exchanges and asset protection. Will Bybit end up bankrupt like Mt. Gox? How can we retail investors protect the security of our funds?

The inside story of Bybit hack:

The story goes like this: Bybit was attacked by hackers. The hackers disguised the trading interface, tricked the Bybit team into approving the fund transfer, and finally tampered with the smart contract.

First, the hacker disguised the trading interface to get Bybit's team to approve the fund transfer, then modified the logic of the smart contract, bypassed the platform's cold wallet security measures, and successfully stole assets, taking $1.4 billion in assets from the cold wallet! The targets of this attack were mainly Ethereum-related tokens, including ERC-20 tokens such as Liquid Staked Ethereum (stETH) and Mantle Staked ETH (mETH). This type of attack is actually quite complicated and requires a high level of technical means and understanding of the internal operations of the platform. Moreover, Bybit still uses Ethereum multi-signature cold wallets, but this time, the defense line was obviously breached.

Possibility of Bybit going bankrupt:

First, Bybit’s total assets are about $16.3 billion, and the loss of $1.4 billion this time is less than 10%. This is a big blow to a large platform with a total asset value of more than $16 billion, but it is not enough to bankrupt it. Back then, Mt. Gox eventually went bankrupt because it could not cover the loss of 650,000 to 850,000 Bitcoins (worth about $460 million at the time). So, if the example of Mt. Gox can serve as a warning, then Bybit’s situation is obviously much better.

According to CoinMarketCap, Bybit has total assets of approximately $16.3 billion. In contrast, a loss of $1.5 billion represents less than 10% of its total assets, suggesting that Bybit has sufficient reserves to cover losses. In addition, Bybit regularly publishes Proof of Reserves, with the latest report (August 2024) showing that its main asset reserve ratio is over 100%, as reported by PR Newswire. This further supports its claim to be able to cope with losses.

Compare historical cases, such as Mt. Gox, which lost 650,000 to 850,000 Bitcoins (worth about $460 million at the time) in a 2014 hack, and went bankrupt because it could not cover the losses (BuyBitcoinWorldwide). Another case is QuadrigaCX, which went bankrupt because its CEO died and could not access funds (Athena Alpha). Bybit's situation is different. Its assets are large and it has not encountered similar fatal problems, so it is not expected to go bankrupt.


Comparison of historical cases The following table summarizes several historical cases of exchanges that went bankrupt after being hacked, and compares them with Bybit:



As can be seen from the table, Bybit's loss ratio is much lower than historical cases, and it has clear financial support, so its survival probability is higher. In addition, exchanges such as Bitegt and Binance are also actively assisting Bybit in overcoming this crisis, so overall, Bybit is more likely to successfully overcome this crisis.

Of course, if you have funds in Bybit, it is still recommended that you withdraw them. After all, when there are problems with the security of funds on an exchange, it is a taboo in the industry.

So how can we ensure the safety of our funds? Here are some suggestions:

  • Diversify assets: Avoid concentrating all funds on one exchange to reduce the risk of a single platform. For example, you can choose multiple reputable exchanges (such as Binance, Kraken) for decentralized storage.

  • Use cold wallets: When holding assets for the long term, it is recommended to use offline cold wallets (such as Ledger, Trezor) to avoid the risk of theft from exchanges. Assets stored in cold wallets are not affected by security vulnerabilities in exchanges.

  • Enable Two-Factor Authentication (2FA): Enable 2FA on all your accounts to add an extra layer of account security and prevent unauthorized access.

  • Monitor your account regularly: Check your account activity daily to identify unusual transactions in a timely manner. If you find any suspicious behavior, contact exchange support immediately.


The above is the content of this issue. I hope today’s content can help everyone. Follow me and see you next time!