20 hours ago
13 ARTICLE AD
Attackers used social engineering to bypass bybit's defenses, manipulating smart contracts for massive theft.
Key Takeaways
Bybit lost $1.4 billion due to a phishing attack impacting a cold wallet. The attack involved mETH and stETH tokens swapped for ETH through a sophisticated scheme. <?xml encoding="UTF-8"?>Crypto exchange Bybit has confirmed a major loss of Ethereum (ETH) from one of its cold wallets, estimated to be over $1.4 billion, due to a highly sophisticated phishing attack. The incident came to light after on-chain analyst ZachXBT flagged suspicious outflows from Bybit wallets, totaling $1.46 billion.
ZachXBT initially alerted the community, noting the massive outflow and the swapping of mETH and stETH for ETH on decentralized exchanges (DEXs). Sources later confirmed to ZachXBT that the activity stemmed from a security incident.
Bybit CEO confirmed the exploit. In a statement issued briefly after the incident surfaced, he said that attackers employed a technique likely involving a “musked” transaction.
This involved deceiving Bybit’s team into authorizing a malicious transaction by displaying a legitimate-looking user interface. The UI showed the correct address and URL from Safe, a widely used wallet management platform, making the transaction appear authentic.
However, the actual transaction signed by the Bybit team contained malicious code that altered the smart contract logic of the targeted cold wallet. This effectively granted the attackers control, allowing them to drain the wallet of its ETH holdings.
Bybit emphasized that only one cold wallet was compromised and that all other cold wallets remain secure. The exchange also reassured users that withdrawals are proceeding normally, indicating that the stolen funds represent a portion of their overall reserves.
Disclaimer
