This was the largest cryptocurrency theft in history: 1.5 billion dollars in a single click.
On the night of February 21, Ben Zhou, CEO of the cryptocurrency platform Bybit, turned on his computer to order the transfer of 401,000 Ethereum tokens from a cold wallet to a hot wallet. An important but routine operation. He did it every time the platform needed liquidity. Just half an hour later, his CFO called him to give him the shock of his life; their system had been hacked, and 1.5 billion dollars (about 1.2 billion euros) had vanished in seconds.
Bybit, which is headquartered in Dubai (United Arab Emirates), is one of the largest cryptocurrency exchanges in the world and at the time of the cyberattack was safeguarding assets valued at 20 billion euros. How were they safeguarding them? Basically, by depositing them in cold wallets (not connected to the Internet) and then, when they needed liquidity, transferring them to hot wallets, which are connected to the Internet and therefore allow transactions.
None of the three people whose authorization was essential to complete the transaction were aware that they were facing a sophisticated phishing case and that by completing the verification protocol, they were actually giving their keys to the scammers. In a matter of seconds, the money was in someone else's hands, divided into packages of 10,000 dollars to be sent to multiple electronic wallets and disappear.
After the theft became public, Zhou conducted a live stream on the social media platform X, assuring that Bybit remained solvent and that customers' crypto assets were backed. He even shared screenshots from a health app that showed his stress levels were normal. But the owners of half of the funds did not believe him and left the platform. A stampede caused a 4% drop in the value of Ethereum.
