Bybit Exchange Reports Security Breach With Over $1.4 Billion in Estimated Loss

Bybit reported a $1.4 billion crypto theft but assured users of secure cold wallets and full asset backing.

Deniz Saat

February 21, 2025 @ 1:15 PM PT

Bybit has reported a security breach resulting in the unauthorized transfer of over $1.4 billion in Ethereum-based tokens, including MegaETH (mETH) and other ERC-20 assets.

Details of the Incident

Bybit’s co-founder and CEO, Ben Zhou, confirmed that a transaction from the exchange’s multisignature wallet to a hot wallet was manipulated using malicious code, altering the smart contract logic and enabling unauthorized fund withdrawals.

Zhou reassured users that cold storage systems remained secure and that withdrawals were functioning normally.

Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago. It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe . However the signing message was to change…
— Ben Zhou (@benbybit) February 21, 2025

Bybit Addresses Financial Stability

Zhou stated that Bybit remains solvent and that all client assets are fully backed.

Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss.
— Ben Zhou (@benbybit) February 21, 2025

The exchange also confirmed that operations continue without disruption.