Cryptocurrency exchange Bybit has been hacked for over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH), and other ERC-20 tokens.
The exploit was identified shortly after it occurred, with onchain security analyst ZachXBT urging users to blacklist the associated hacker addresses.
Bybit co-founder and CEO Ben Zhou confirmed the security breach, stating that the attack targeted a warm wallet.
Zhou explained that approximately an hour before the hack, a transfer was made from the exchange’s multisignature wallet, with the transaction appearing legitimate but containing malicious source code.
Bybit Hot wallet, Warm wallet and all other cold wallets are fine. The only cold wallet that was hacked was ETH cold wallet. ALL withdraws are NORMAL.
Despite the breach, Bybit assured users that its cold wallets remained secure and that withdrawals were functioning normally.
The CEO said:
Bybit is solvent even if this hack loss is not recovered. All of the client’s assets are 1-to-1 backed—we can cover the loss.”
The exchange also reiterated that client funds were safe and that its operations continued without disruption.
Bybit says withdrawals remain active
Despite the incident, Bybit CEO Ben Zhou reassured customers that withdrawals remain open but may take several hours to process due to high congestion.
In a February 21 livestream, Zhou stated that the exchange currently has around 4,000 pending withdrawal transactions and urged users to be patient.
He emphasized that Bybit has no plans to suspend or cancel withdrawals, noting that 70% of requests have already been approved and processed.
However, network congestion is delaying some transactions.
Zhou also confirmed that no other Bybit wallet was compromised in the attack.
Additionally, the exchange is in the process of securing a bridge loan to ensure operations continue smoothly while the issue is resolved.
Binance founder and former CEO Changpeng Zhao (CZ) offered support to Bybit CEO Ben Zhou in response to one of Zhou’s updates on the $1.4 billion hack.
CZ acknowledged the challenges of handling such an incident and suggested that Bybit temporarily halt all withdrawals as a standard security precaution.
He also stated, “Will provide any assistance if needed.”
Cyberattacks on crypto market
Following confirmation of the hack, the price of Ether (ETH) dropped by over 3%, with the attack ranking among the largest in recent crypto history.
The global crypto market cap is at $3.18 trillion, a 1.35% decrease over the last day.
The incident adds to a series of security breaches that have affected the industry in early 2025, raising concerns over the vulnerability of exchanges and DeFi protocols.
The Bybit hack follows a string of recent security incidents.
On February 14, ZkLend, a money-market protocol on Starknet, was exploited for $9.5 million.
The stolen funds were later bridged to Ethereum and the Railgun protocol, though Railgun ultimately returned them.
Earlier in February, social media-related breaches also impacted the industry.
On February 5, both the Solana-based decentralized exchange Jupiter and former Malaysian Prime Minister Mahathir Mohamad’s accounts were compromised to promote fraudulent meme coins.
Additionally, Eliza Labs founder Shaw Walters fell victim to a social media hack despite having two-factor authentication enabled.
The attacker took control of Walters’ X account and used it to post scam links.
The rise in security breaches highlights ongoing challenges in securing digital assets, with hackers targeting both exchanges and high-profile individuals in the crypto space.
The post Crypto’s largest hack? Bybit breach sees $1.4B in ETH-related tokens stolen appeared first on Invezz
https://invezz.com/news/2025/02/21/cryptos-largest-hack-bybit-breach-sees-1-4b-in-eth-related-tokens-stolen/
