Shocking Heist: Bybit’s Cold Wallet Robbery – A $1.46B Comedy of Errors! 😂💰

by

In a twist of fate that could only be penned by the hand of irony, the cryptocurrency exchange Bybit has found itself the unwitting star of a grand tragedy, losing a staggering $1.46 billion in Ethereum tokens. The funds, pilfered from a cold storage wallet—an alleged fortress of digital security—have vanished into the ether, proving that even the mightiest of fortresses can crumble under the weight of human folly.

Our intrepid blockchain sleuth, ZachXBT, was the first to raise the alarm, uncovering a meticulous scheme where mETH and stETH tokens were transformed into
ETH
$2 651
24h volatility:
3.6%
Market cap:
$320.07 B
Vol. 24h:
$28.56 B
through decentralized exchanges. Who knew that a simple transaction could lead to such a grand heist?

The curtain was drawn back when Bybit’s CEO, in a moment of dramatic revelation, confirmed the breach. The attackers, it seems, had employed a cunning “musked” transaction method, leading the unsuspecting team to approve what appeared to be perfectly normal transfers. Ah, the irony! A heist disguised as a mundane transaction!

“Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago. It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe. However, the signing message was to change…”

— Ben Zhou (@benbybit) February 21, 2025

Fake UI and Malicious Code Used in Heist

In a plot twist worthy of a thriller, the attackers crafted a fake interface that mimicked the Safe wallet management platform. They artfully replicated address details and URLs, leading Bybit’s security team down the garden path. Transactions appeared legitimate, allowing the team to unwittingly authorize malicious code that altered the wallet’s smart contract logic. A classic case of “trust, but verify” gone awry!

“It appears that this specific transaction was masked. All the signers saw the masked UI, which showed the correct address, and the URL was from Safe,” Zhou stated.

This clever ruse granted the hackers unfettered access to Ethereum holdings, resulting in the theft of 401,347 ETH ($1.12 billion), 90,376 stETH ($253 million), 15,000 cmETH ($44 million), and 8,000 mETH ($23 million). The grand total? A jaw-dropping $1.46 billion. Who needs a heist movie when reality is this entertaining?

mETH and stETH tokens were swapped for ETH. Source: Etherscan

Despite the monumental loss, Bybit quickly reassured its users that the breach was confined to a single cold wallet. The company declared that its other cold storage facilities, hot wallets, and warm wallets remain secure. Withdrawal functions across the platform continue to operate normally. A sigh of relief, or just a moment of denial?

Security teams joined forces with blockchain forensic experts to track the stolen assets. Bybit shared a transaction link via Etherscan, calling on the crypto community to assist in tracing the funds. Meanwhile, ZachXBT reported that the hacker distributed 10,000 ETH across 39 addresses, urging exchanges and services to blacklist them. A digital game of hide and seek!

“We have the plan to suspend or cancel withdrawals at the moment. We are still receiving all the withdrawal requests and in fact, 70% of them have been approved and processed,” said Zhou in a live stream on the Bybit website.

Bybit CEO: “All Losses Can Be Covered”

In a moment of bravado, Bybit CEO Ben Zhou reassured users of the exchange’s solvency. He boldly stated that even if the stolen funds are not recovered, Bybit can cover the losses. A true showman, isn’t he?

“Bybit Hot wallet, Warm wallet and all other cold wallets are fine. The only cold wallet that was hacked was ETH cold wallet.

Read More

2025-02-21 22:47