Ben Zhou, CEO of Bybit, has confirmed that the cryptocurrency exchange’s Ethereum (ETH) cold wallet has been compromised in a major security breach.
According to reports, Bybit has lost approximately $1.4 billion worth of ETH and other tokens. Additionally, around $200 million worth of stETH was swapped for ETH on the open market.
The attack was sophisticated, utilizing a musked transaction, where all signers saw a seemingly legitimate interface displaying the correct address and a Safe.eth URL. Zhou explained that the hacker exploited a signing message to manipulate the smart contract logic of Bybit’s ETH cold wallet. This allowed them to gain control over the wallet and transfer its contents to an unknown address.
Despite the breach, Bybit assures users that withdrawals remain unaffected, and only the ETH cold wallet was compromised. “Bybit’s hot wallet, warm wallet, and all other cold wallets remain secure,” Zhou stated.
Following the news, Ethereum’s (ETH) price dropped nearly 3%, reflecting market concerns over the incident.