Bybit Suffers Historic $1.5 Billion Crypto Heist, Shaking Market Confidence

In a significant blow to the cryptocurrency sector, Dubai-based exchange Bybit has reported a security breach resulting in the theft of approximately $1.5 billion in Ethereum, taking place late Friday evening.

The attack occurred during a routine transfer from Bybit's offline "cold" wallet to a "warm" wallet used for daily operations, Bybit explained. Hackers exploited this process by manipulating the transaction, gaining control over the cold wallet, and transferring 401,000 Ethereum to an unidentified address.

Bybit CEO Ben Zhou emphasized that despite the loss, the exchange remains solvent, with all client assets backed 1:1. He assured users that other wallets are secure and that withdrawals are functioning normally.

Following the breach, Ethereum's price experienced a temporary decline of nearly 4%, though it has since stabilized. Currently, Ethereum is trading at $2,726.64, reflecting a 0.92% increase over the previous close. Bitcoin, the leading cryptocurrency, is priced at $95,736, marking a 0.22% decrease. The global crypto market capitalization stands at $3.17 trillion, a 0.9% decrease over the last day.

Changpeng Zhao (CZ), founder of Binance, highlighted a concerning trend in recent hacks, noting that attackers have successfully breached multi-signature cold storage solutions across various platforms, including Bybit.

He pointed out that in Bybit's case, hackers manipulated the front-end interface to display legitimate transactions while executing unauthorized ones. CZ commended Bybit's transparent communication during the crisis and emphasized the importance of not taking security for granted.

 Gracy Chen, CEO at Bitget, said the exchange transferred 40,000 ETH (worth roughly $105 million) to Bybit to support them in dealing with the situation.

"These are Bitget’s own funds, which we have sent for the goodwill of the cryptospace. All Bitget’s users’ funds are securely stored on our platform and users can check the Proof of Reserve accordingly. As of now Bybit has already processed 99% of the withdrawals on the platform. Bybit is a respected competitor and partner to us. This loss, even though extremely significant, is roughly about a year’s profit of the exchange. We will continue to monitor the incident, and if Bybit needs more support we’re here to provide,” Chen said.

Ledger's head of APAC, Takatoshi Shibayama, said in a LinkedIn post: "It’s awesome to see Bybit’s peers joining in to help another competitor in crisis.One can say that they helped to stabilize the market but, nevertheless these exchanges have shown support to one another, which is an act I haven’t seen before. This shows that the market has matured and moved beyond just zero sum game and building the industry together."

Ongoing Investigations

Blockchain analytics firm Arkham Intelligence has suggested potential involvement of North Korea's Lazarus Group in the Bybit hack, citing similarities to previous attacks.

Bybit said it is collaborating with cybersecurity experts and law enforcement agencies to trace the stolen funds and has launched a recovery bounty program, offering up to 10% of the recovered amount to those aiding in the retrieval of the assets.

In an update on Sunday, Bybit announced the "full restoration of services and significant progress in our recovery efforts."

Our platform has demonstrated remarkable resilience, processing record-breaking withdrawal volumes while maintaining full operational capacity, the exchange said.

Arkham also noted that since being hacked Bybit has bought 266,694 ETH worth around $742M.