Crypto exchange Bybit hacked for over $1.4 billion
Bybit was hacked today for approximately $1.4 billion in ether (ETH) and staked ether (stETH).
This hack was initially highlighted by blockchain analysts, including ZachXBT in his Telegram group, where he noted the outflows and informed the group that his “sources confirm it’s a security incident.”
The hack was confirmed on X by Ben Zhou, the founder and chief executive of Bybit. He noted that the hacker “took control of the specific ETH cold wallet we signed and trasfered [sic] all ETH in the cold wallet.”
He also assured users “that all other cold wallets are secure” and noted that withdrawals are otherwise proceeding as normal.
Read more: Bybit CEO claims Chinese users can bypass restrictions with VPN
The hacker was apparently able to bypass Bybit’s advertised “Triple Layer Asset Protection” where “user funds are stored securely offline in cold wallets” and where Bybit can “protect them from unauthorized online access through a combination of advanced multi-signature, Trusted Execution Environment (TEE) and Threshold Signature Schemes.”
Bybit’s proof of reserves from yesterday noted that it had 543,453 ETH held against 537,152 ETH owed to users — an excess of 6,301 ETH.
This hack removed 401,346 ETH, far greater than the excess held by Bybit.
Protos reached out to Bybit for comment on this hack, but at time of publication had received no response.