ByBit Crypto Exchange Suffers A “Sophisticated Attack” On One Of Its Ethereum Cold Wallets, The Wallet’s Holdings lost 1.4 billion coins worth

bssunilreddy · 2025-02-22T18:04:20+0530

North Korea’s Lazarus Group Blamed: ByBit Crypto Exchange Suffers A “Sophisticated Attack” On One Of Its Ethereum Cold Wallets, The Wallet’s Holdings Were Transferred To An “Unidentified Address” [Updated]

In what is likely to end up as one of the biggest crypto-related hacks of the past few months, ByBit crypto exchange has lost control over one of its Ethereum cold wallets, resulting in the outright theft of the wallet's content.

To wit, as per ByBit's declaration via an X post, the crypto exchange has suffered a "sophisticated attack" where the attackers were able to mask the signing interface of the exchange's Ethereum multisig cold wallet at a time when that wallet was executing a transfer to the exchange's hot wallet. The mask allowed the attackers to display "the correct address while altering the underlying smart contract logic."

For the benefit of those who might not be aware, cold wallets are usually the safest way of storing cryptocurrencies as the private authentication keys for those wallets are stored on a device that remains cutoff from the internet.

Nonetheless, the hackers in this case were able to target the wallet at a time when a transfer was taking place, manipulating the smart contract logic to divert Ethereum coins to their designated wallet. As per reports that are trickling in, the exchange appears to have lost liquid-staked Ether and MegaETH (mETH) coins worth around $1.4 billion.

ByBit is also seeking competent individuals who can assist in tracking its stolen assets:

"Our security team, alongside leading blockchain forensic experts and partners, is actively investigating the incident. Any teams with expertise in blockchain analytics and fund recovery who can assist in tracing these assets are welcome to collaborate with us."

Critically, ByBit claims that "all client funds are safe, and our operations continue as usual without any disruption."

Today's development comes as crypto platforms lost a whopping $2.2 billion in assets in the FY 2024 to hackers, as per an analysis by Chainalysis. The report went on to note:

"Private key compromises accounted for the largest share of stolen crypto in 2024, at 43.8%."

Of course, such attacks are one of the biggest impediments to the wider adoption of cryptocurrencies such as Bitcoin and Ethereum.

Source: https://wccftech.com/bybit-crypto-e...-were-transferred-to-an-unidentified-address/

Search

Search

ByBit Crypto Exchange Suffers A “Sophisticated Attack” On One Of Its Ethereum Cold Wallets, The Wallet’s Holdings lost 1.4 billion coins worth

bssunilreddy

North Korea’s Lazarus Group Blamed: ByBit Crypto Exchange Suffers A “Sophisticated Attack” On One Of Its Ethereum Cold Wallets, The Wallet’s Holdings Were Transferred To An “Unidentified Address” [Updated]

ByBit Crypto Exchange Suffers A “Sophisticated Attack” On One Of Its Ethereum Cold Wallets, The Wallet’s Holdings lost 1.4 billion coins worth

bssunilreddy

North Korea’s Lazarus Group Blamed: ByBit Crypto Exchange Suffers A “Sophisticated Attack” On One Of Its Ethereum Cold Wallets, The Wallet’s Holdings Were Transferred To An “Unidentified Address” [Updated]​

North Korea’s Lazarus Group Blamed: ByBit Crypto Exchange Suffers A “Sophisticated Attack” On One Of Its Ethereum Cold Wallets, The Wallet’s Holdings Were Transferred To An “Unidentified Address” [Updated]