Bybit Ethereum Hack: Millions Stolen in Cold Wallet Exploit — What You Need to Know

Bybit ETH cold wallet hack: Trading platform suffers a sustained security attack.

On February 21, 2025, Bybit CEO Ben Zhou revealed a serious security flaw in the exchange’s Ethereum (ETH) multisig cold wallet. The hackers made way with quite an amount after manipulating the smart contract logic to sweep away all ETH stored in a certain cold wallet into an unknown address. This occurrence has spread fears in the crypto community, despite Bybit’s insistence that other cold wallets are safe and the withdrawals are up and running Else?

1.5B$ ETH hacked

Bybit’s security team discovers[] an unusual transfer of ETH from a multisig cold wallet to a warm wallet. The signers appear to have verified the transaction on a seemingly legitimate user interface, and everything seems to be in order at first. The masked UI presented the correct address, and the correct URL from @safert, a well-respected smart contract security platform.

However, attackers exploited a vulnerability by altering the signing message and thereby eventually changing the smart contract execution logic. In essence, this led to unauthorized access and control over the cold wallet and enabled the hackers to withdraw all ETH to an unknown address.