Bybit, a Dubai-based cryptocurrency exchange, disclosed that a hacker stole over $1.46 billion in crypto from one of its ETH cold wallets.
“The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic,” explained Bybit.
“As a result, the attacker was able to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address.”
Immediate Response and Forensic Investigation
Bybit said its security team is investigating the incident in collaboration with external blockchain forensic experts. The exchange also invited individuals with relevant expertise to assist in recovering the stolen assets.
Meanwhile, Bybit has assured its customers that all other cold wallets remain secure and uncompromised, with client funds safe and operational activities continuing without interruption.
Bybit's CEO also confirmed the exchange’s financial stability, stating that it has adequate reserves to cover the losses from the hack and that all client assets are backed on a one-to-one basis.
According to crypto fraud expert ZachXBT, the hacker has moved 10,000 ETH out of the total 401,346 ETH stolen, distributing it to 48 different addresses.
Record-Breaking Cryptocurrency Heist
The Bybit hack now stands as the largest cryptocurrency heist to date, with the stolen $1.46 billion nearly doubling the amount taken in the previous largest attack.
In March 2022, Sky Mavis reported a breach in which hackers stole $620 million from the Ronin network bridge linked to Axie Infinity. In April of the same year, the FBI attributed this incident to the North Korean hacker groups Lazarus and BlueNorOff.
In another breach, in August 2021, threat actors stole $611 million from the decentralized finance protocol Poly Network, targeting assets across Binance Chain, Ethereum, and Polygon.
According to statements from the United States, South Korea, and Japan in January, North Korean government-supported hackers stole over $659 million in cryptocurrency in the last year alone.
Last month, Chainalysis reported that North Korean hackers stole $1.34 billion in cryptocurrency through 47 attacks in 2024, breaking their previous record of $1.1 billion from 2022.