“The Zachxbt cryptoodetact reported suspicious outflows of more than $ 1.46 billion from the BYBIT account. Soon CEO bybit Ben Zou confirmed the assumption of evil. Bybit eth Multisig Cold Wallet Just Made A Transfer to Our Warm Wallet About 1 HR Ago. IT APEARS THAT This SPECIFIC TRANSACTION WAS MUSKED, ALL The SIGNers SAW The MUSKED UI WHICH SHOWED THEI […]”, – WRITE: Businessua.com.ua
The Zachxbt cryptoodetact reported suspicious outflows of more than $ 1.46 billion from the BYBIT account. Soon CEO bybit Ben Zou confirmed the assumption of evil.
Bybit eth Multisig Cold Wallet Just Made A Transfer to Our Warm Wallet About 1 HR Ago. IT APEARS THAT THIS SPECIFIC TRANSACTION WAS MUSKED, ALL The SIGNers SAW The MUSKED UI WHICH SHOWED The CORRECT Address and the URL WAS FROM @Safe. However The Signing Message Was to Change…
– Ben Zhou (@benbybit) February 21, 2025
He stressed that only one wallet, the other funds were in order, and the withdrawals remain available.
According to the official statement of the exchange, the incident occurred during the transfer of ETH from a cold multi-storage to a hot wallet.
BYBIT DETICTED UNAUTORIZED ACTIVITY INVOLVING ONE OF OUR ETH COLD WALLETS. The incident Occurred WHEN OUR MULTISIG COLD WALLET Execurated A Transfer to Our Warm Wallet. Unfortunately, this transaction was manipulated Through a sophisticated attacked that masked the signing…
– Bybit (@bybit_official) February 21, 2025
The attackers replaced the transaction signing interface so that all participants of the procedure saw the correct address. In this case, the logic of the smart contract was changed, and the hackers received control of the ETH wallet and brought all the funds to the unidentified address.
The team is investigating the attack together with experts and partners. Users have been assured of saving their funds. Operations did not stop the platform.
According to Zachxbt, unknown already exchanged some of the stolen Meth and Steth tokens on ETH through decentralized exchanges. 10,000 ETH were divided between 36 wallets. The investigator called on Kryptoplatform operators to block suspicious addresses from the list provided.
The founder of Defi Llama 0xngmi noted that the methods of hackers in this attack are similar to the incident with the WazirX Indian Exchange, which suffered approximately $ 235 million losses in July 2024. At that time, the attackers also used manipulations with transactions.
We will remind, according to Chainalysis, the loss from cryptoshachra in 2024 amounted to at least $ 9.9 billion.
The gun
Please wait …