Hack Strikes Bybit, Resulting in $1.46 Billion Loss Following Ethereum Cold Wallet Breach
In a shocking turn of events, the popular crypto exchange platform, Bybit, has announced that it has suffered a major breach to one of its Ethereum (ETH) cold wallets, resulting in the loss of approximately 514,723 ETH, equivalent to around $1.46 billion as reported by OnchainLens.
The breach was first publicized by crypto researcher ZachXBT on the X platform. Bybit's CEO, Ben Zhou, later confirmed the exploit, stating that the exchange is solvent and will cover the stolen funds.
The hacker used a masked address to manipulate the smart contract logic of the exchange's ETH cold wallet. The manipulated smart contract logic was then used to transfer the funds from the cold wallet to the exchange's warm wallet. Even if the assets are not recovered, Bybit maintains that they are fully backed 1-to-1.
The initial compromise was achieved through social engineering, specifically phishing attacks against the multi-signers of the cold wallet. This approach tricked the signers into approving the manipulated transaction. The hack has been attributed to North Korea's Lazarus Group, which immediately laundered the stolen Ethereum through complex webs of transactions involving decentralized exchanges, mixers, and cross-chain bridges to obscure the money trail.
The exchange is inviting teams with expertise in blockchain analytics and fund recovery for assistance in tracing the funds. Bybit's security team, along with leading blockchain forensic experts and partners, is currently investigating the incident. The company is open to any help in tracking the stolen funds.
Clients' funds remain safe, and operations continue as usual. Despite the breach, Bybit assures its users that their assets are secure and that the incident will not affect the exchange's services.
In summary, the attack combined phishing to compromise cold wallet signers (social engineering), a masked transaction interface that displayed the legitimate recipient while altering smart contract logic to divert funds, and rapid laundering via multiple crypto services to avoid detection. This makes it one of the most sophisticated and largest crypto thefts recorded.
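A signer-side check for the failure summarized above, where the interface displayed the legitimate recipient while the approved payload did something else. This is an added example, not code from Bybit or any wallet vendor; the field names (`to`, `value`, `data`), the addresses and the allowlist are assumptions constructed for illustration, and it goes beyond plain ETH transfers to also decode ERC-20 `transfer` calldata.

```python
# Added example: compare what the signing UI displayed with the raw payload.
# Field names, addresses and the allowlist are constructed for illustration.
TRANSFER_SELECTOR = "a9059cbb"  # ERC-20 transfer(address,uint256)

def norm(hexstr):
    """Lower-case a hex string and drop a leading 0x."""
    hexstr = hexstr.lower()
    return hexstr[2:] if hexstr.startswith("0x") else hexstr

def effective_transfer(raw):
    """Return the (recipient, amount) the raw payload really moves.
    Raises ValueError for calldata that is neither empty nor a well-formed
    ERC-20 transfer; such a call must not be signed from a summary alone."""
    data = norm(raw["data"])
    if data == "":
        return norm(raw["to"]), raw["value"]
    well_formed = (data[:8] == TRANSFER_SELECTOR and len(data) == 136
                   and data[8:32] == "0" * 24 and raw["value"] == 0)
    if well_formed:
        return data[32:72], int(data[72:], 16)  # address word, amount word
    raise ValueError("opaque calldata, selector " + data[:8])

def check_before_signing(displayed, raw, allowlist):
    """Return a list of findings; an empty list means the payload matches."""
    try:
        recipient, amount = effective_transfer(raw)
    except ValueError as exc:
        return [str(exc)]
    findings = []
    if recipient != norm(displayed["recipient"]):
        findings.append("recipient differs from the one displayed")
    if amount != displayed["amount"]:
        findings.append("amount differs from the one displayed")
    if recipient not in {norm(a) for a in allowlist}:
        findings.append("recipient is not an approved wallet")
    return findings

# Constructed sample data (not real addresses or transactions).
WARM = "0x" + "11" * 20
OTHER = "0x" + "22" * 20
SHOWN = {"recipient": WARM, "amount": 1000}
HONEST = {"to": WARM, "value": 1000, "data": "0x"}
MASKED = {"to": OTHER, "value": 0, "data": "0xdeadbeef" + "00" * 32}
TOKEN = {"to": "0x" + "33" * 20, "value": 0,
         "data": "0x" + TRANSFER_SELECTOR + "00" * 12 + "22" * 20 + format(1000, "064x")}

if __name__ == "__main__":
    for name, raw in (("honest", HONEST), ("masked", MASKED), ("token", TOKEN)):
        print(name, check_before_signing(SHOWN, raw, {WARM}))
```

The check only helps if it runs on a device and code path independent of the interface that rendered the summary, since a compromised interface can misreport both.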
- The initial news of Bybit's ETH cold wallet breach, involving a loss of approximately $1.46 billion, was reported by OnchainLens, a finance and technology news platform.
- Despite the complex hacking methods used, Bybit is reaching out to blockchain analytics teams and experts in fund recovery, demonstrating their commitment to tracking and potentially recovering the stolen Ethereum, a move that could have significant implications for the sports world, given the involvement of crypto in various sectors, including sports betting.