Bibit hit with a $1.4 billion hack

Please share this article

Crypto Exchange Bybit has confirmed a huge loss for Ethereum (ETH) from one of its cold wallets estimated to exceed $1.4 billion due to a very sophisticated phishing attack. The incident comes into view after on-chain analyst Zachxbt flagged a suspicious spill from Bybit wallets, totaling $1.46 billion.

Zachxbt initially warned the community, focusing on massive spills and swapping of Meth and Steth in Decentralized Exchange (DEXS) ETH. Sources later confirmed to ZachxBT that the activity was due to a security incident.

Bibit CEO confirmed the exploit. In a statement issued briefly after the incident surfaced, he said the attackers had adopted technology that is likely to include “inflated” transactions.

The Bibit ETH Multi-Sig Cold Wallet moved to a warm wallet about an hour ago. This particular transaction appears to have been inflated, and all signers have given the correct address and the URL has seen the Muscob UI from. @safety . However, the signature message was to change…

– Ben Zhou (@benbybit) February 21, 2025

This involved deceiving Bibit's teams to approve malicious transactions by displaying a user interface that appears to be legitimate. The UI showed the correct address and URL from Safe, a widely used wallet management platform, making the transaction look authentic.

However, the actual transaction signed by the Bybit team included malicious code that changed the smart contract logic of a targeted cold wallet. This effectively grants attacker control and allows ETH Holdings wallets to be drained.

Bibit emphasized that only one cold wallet would be compromised and all other cold wallets remain safe. The exchange also reassures users that the withdrawal is progressing normally, indicating that the stolen funds represent a portion of the total reserves.

This is a developing story.

Please share this article