In a major security incident, cryptocurrency exchange Bybit was hacked, compromising the platform’s Ethereum cold wallet and resulting in losses of around $1.5 billion. The incident raises concerns about the security of centralized exchanges and the risks of increasingly sophisticated cyberattacks.

How the incident unfolded
The attack was discovered on Friday when a large amount of Ether (ETH) and MegaETH (mETH) was illegally withdrawn from Bybit’s cold wallet. According to initial information, the attacker took advantage of a smart contract vulnerability to change the transaction logic, take control of the multi-signature ETH cold wallet, and withdraw all the assets in it.

Bybit CEO Ben Zhou was quick to confirm the incident and reassure users that all other cold wallets on the platform are safe. At the same time, the exchange mobilized its security team and blockchain forensics experts to investigate and trace the stolen funds.

Sophisticated attack tactics
According to Bybit, the attack was carried out through a “stealth transaction” method, in which the attacker manipulated the user interface during the transaction approval process. The platform’s transaction signatories, who were responsible for confirming withdrawals, accidentally approved a modified transaction, allowing the hacker to take control of the cold wallet’s smart contract.

After gaining access, the attacker quickly transferred the stolen ETH to multiple new wallet addresses to hide their tracks. According to data from Arkham Intelligence, the hacker is currently dispersing these assets to avoid being traced.

Bybit’s response
Bybit immediately increased its security measures, working with blockchain experts to track the flow of stolen funds. At the same time, the exchange also called on the crypto community to blacklist addresses related to the hack.

Despite the huge losses, Ben Zhou affirmed that the platform is still financially strong and all customer assets are supported at a 1:1 ratio. In addition, Bybit announced system maintenance to strengthen security, and continued investigation to prevent similar attacks in the future.

How did the community react?
Initially, news of the hack caused panic in the market, causing ETH prices to drop by more than 4%. However, after commitments from Bybit, investor sentiment has gradually stabilized. Platform users are advised to closely follow official announcements to protect their assets.

Currently, security experts are still re-evaluating Bybit's security infrastructure to upgrade the system and prevent similar incidents in the future.