Bybit, a cryptocurrency exchange, said it was hacked Friday, leading to an estimated $1.5 billion worth of tokens being stolen, amounting to what is estimated to be the largest crypto heist.
Ben Zhou, chief executive officer of Bybit,
“Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago,” Zhou wrote in his post. A cold wallet is a cryptocurrency wallet that is not connected to the internet. “It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe.”
“However, the signing message was to change the smart contract logic of our ETH cold wallet,” Zhou said. “[The] hacker took control of the specific ETH cold wallet we signed and transferred all ETH in the cold wallet to this unidentified address.”
In a
“Transparency and security remain our top priorities, and we will provide updates asap,” the company said.
The CEO in a follow up post said the exchange remains solvent and all assets are one to one backed, adding “we can cover the loss.”
Crypto analyst ZachXBT in a post on Telegram estimated $1.46 billion worth of crypto assets – primarily Ethereum and staked Ethereum – were stolen from the exchange and split between 39 different addresses.
The Bybit hack highlights the concerns some have with integrating cryptocurrencies and traditional financial institutions, as well as the hesitancy some larger banks feel towards embracing the sector. It also calls into question the idea that cold wallets unconnected to the internet are safe from attack.
Bybit, founded in 2018, is based in Dubai and not available in the U.S. It’s one of the largest crypto exchange platforms in the world and processes more than $36 billion in trades daily on average.
“When it comes to the ongoing debate of centralization versus decentralization, it’s always the offshore exchanges. You never see hacks of this magnitude on platforms like Coinbase,” said Dennis Dinkelmeyer, co-founder and CEO of Midas, a trading app focused on transparency. “This latest exploit of $1.4 billion on Bybit is a major blow to the industry and a reminder that we need real improvements.”
Dinkelmeyer said the hack is a reminder of the need for established and
“The hack exposes serious vulnerabilities, especially when dealing with offshore operations that lack the regulatory oversight of more established markets,” Dinkelmeyer said. “This is a wake-up call — the industry can no longer afford to ignore these weaknesses.”
Washington, D.C. is currently mired in a policy debate over how to best regulate cryptocurrencies and crypto markets. President Donald Trump has vowed to be the first “crypto president” and promised he’d make the U.S. the “crypto capital of the planet.” Weeks into his second term, the president has put forward several crypto-friendly policies.
Trump
“Regulation is meant to protect consumers by enforcing strict security and compliance standards,” Dinkelmeyer said. “While hacks can happen to any platform, strong security requirements can reduce the risks. More importantly, regulated exchanges have to follow rules around consumer protection and asset reserves, which helps prevent losses for customers.”
Arkham announced a