Cryptocurrency exchange Bybit has suffered a massive security breach, losing over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH), and other ERC-20 tokens. The hack was first identified by onchain security analyst ZachXBT, who urged users to blacklist addresses associated with the exploit.
Bybit’s co-founder and CEO, Ben Zhou, confirmed the breach, explaining that the attackers used malicious source code to manipulate the smart contract logic of a warm wallet. The transfer, which originated from Bybit’s multisignature wallet, initially appeared legitimate but was designed to siphon funds. Despite the breach, Zhou reassured customers that all other cold wallets remained secure and that withdrawals were still functioning normally.
Market Impact and Bybit’s Response
The hack sent shockwaves through the crypto market, with Ether (ETH) prices dropping over 3% following confirmation of the breach. Zhou assured users that Bybit remains solvent, stating, “Even if this hack loss is not recovered, all client assets are 1:1 backed—we can cover the loss.” The exchange also emphasized that operations would continue without disruption.
Bybit executives have since provided further details, revealing that the malicious transaction activity was disguised as a routine transfer and was mistakenly approved by their internal team. Head of derivatives and institutions, Shunyet Jan, explained that while Bybit has sufficient funds to cover losses, the exchange lacks enough ETH to process withdrawal requests in-kind. As a result, Bybit is securing a bridge loan to facilitate withdrawals.
Rising Crypto Security Threats in February 2025
Bybit’s security breach is part of a larger trend of rising cyberattacks in the crypto space. In February 2025 alone, several high-profile hacks and scams have occurred. On Feb. 14, ZkLend, a money-market protocol on Starknet, lost $9.5 million in an exploit. The hacker attempted to launder the stolen funds through Ethereum and Railgun, but Railgun returned them.
Earlier in the month, decentralized exchange Jupiter and former Malaysian Prime Minister Mahathir Mohamad’s social media accounts were compromised to promote fake memecoins. Additionally, Eliza Labs founder Shaw Walters had his X account hijacked, despite having two-factor authentication enabled.
Bybit’s hack underscores the increasing sophistication of cyber threats in the crypto space. As exchanges and protocols work to strengthen security measures, the industry faces ongoing challenges in combating these evolving attacks.
For more news, find me on Twitter Giannis Andreou and subscribe to My channels Youtube and Rumble
What is your opinion on this particular topic? Leave us your comment below! We are always interested in your opinion!
