Bybit under attack: hackers breach a cold wallet and steal $1.46 billion in ETH

Bybit, one of the most well-known cryptocurrency exchanges in the world, suffered a cyber attack that saw over $1.4 billion in ETH drained. The incident occurred when a transfer from a multisig cold wallet to a hot wallet was compromised by a sophisticated attack, which manipulated the signing interface, displaying the correct address but altering the smart contract logic.

This allowed the attacker to gain control of the ETH wallet and transfer the funds to an unknown address. The exchange immediately initiated investigations in collaboration with blockchain security experts and industry partners.

New revelations in the Bybit case: the monitoring by ZachXBT and the statements of CEO Ben Zhou

The blockchain analyst ZachXBT has reported suspicious outflows from Bybit amounting to over $1.46 billion. According to his sources, large quantities of mETH and stETH are currently being exchanged on DEX for ETH, confirming that it is a hacker attack on Bybit. However, it is not possible to trace the post as it was deleted by him a few minutes after publication.

The CEO of Bybit, Ben Zhou, confirmed that the transfer of the cold wallet ETH multisig to the hot wallet occurred about an hour before the discovery of the attack. He also revealed that all the signatories of the transaction saw an altered graphical interface, which displayed the correct address while the underlying code had been tampered with. The site from which the operation was executed was associated with @safe, a usually reliable platform for managing digital assets.

What can users do?

The first thing to know is that user funds are not in danger. Probably, the solidity of Bybit has allowed it to manage excess liquidity for episodes like these. Although the attack did not directly involve user funds, it is always advisable to adopt some security measures:

• Use a non-custodial wallet to store funds long-term, limiting the use of exchanges to trades only.
• Activate all available security measures on the exchange, such as 2FA and address whitelist.
• Monitor transactions and official announcements to stay informed about any security issues.

Hacker attacks on exchanges and the impact on the market

Attacks on centralized exchanges are not new in the crypto sector. Similar episodes have marked crucial moments in the history of Bitcoin and cryptocurrencies, with varying effects on the market. In 2014, the hack of the Mt. Gox exchange led to a drastic drop in the price of Bitcoin from 600 to 300 dollars within a few months, contributing to a bear sentiment that lasted until June of the same year.

In 2016, the attack on Bitfinex caused a temporary drop in the price, but the market quickly recovered, pushing Bitcoin up to 700 dollars. The impact of the DAO hack in the same year was different, as it mainly affected Ethereum, but did not have significant effects on the price of Bitcoin.

In 2017, during the bull run of Bitcoin, the attack on NiceHash occurred in conjunction with the peak of 19,000 dollars, and the price began to fall in the following months, finding its low only in 2018. The same year, attacks like those on Coincheck and Zaif occurred in a market already in a bear phase, accelerating the decline to 3,000 dollars by the end of the year.

In 2020, the attack on KuCoin occurred during the market recovery, without affecting the positive trend that led Bitcoin up to 60,000 dollars. In 2021, the hack of Poly Network came in a market context already close to the peak, anticipating a bear phase.

More recently, in 2022, attacks such as those on Ronin Network and the collapse of FTX had a significant impact. In particular, the failure of FTX coincided with the market low, marking a turning point for the subsequent recovery in 2023.

The attack on Bybit is therefore part of a long series of similar episodes, demonstrating how hackers continue to seek vulnerabilities even in the most advanced systems.

Security in Centralized Exchanges: A Constant Challenge

This episode raises once again the issue of security in cryptocurrency exchanges. Centralized exchanges, while offering convenience to users, are frequent targets for hackers looking to exploit every available vulnerability.

Some key points to consider:

• The use of a cold wallet reduces the risk of direct attacks on users’ funds, but does not eliminate them entirely.
• The interfaces of firma e smart contract must be constantly updated and monitored.
• Monitoring transactions and reacting quickly can reduce the damage of potential attacks.

The future of security in exchanges

After attacks of this magnitude, it is likely that the exchanges will further increase security levels. Some possible solutions include:

• Implementation of advanced multi-factor authentication for all critical transactions.
• Behavioral analysis of transactions to identify suspicious operations in real-time.
• Closer collaborations with blockchain forensics companies to improve the ability to track and recover stolen funds.

A warning for the entire crypto sector

The hacker attack on Bybit is a clear signal of the importance of security in the crypto sector. The sophistication of the attacks continues to increase, requiring ever more advanced defense strategies.

The exchange has committed to providing maximum transparency on the matter and to constantly updating the community on the progress of the investigations.

Stay updated on the latest news from the crypto world and discover how to best protect your funds!