Hackers Attack Bybit: $1.4 Billion ETH Stolen

According to the exchange CEO's admission, a user interface spoofing attack allowed hackers to change smart contracts and withdraw funds from Bybit's cold wallet.

Bybit suffered a security breach that resulted in the loss of approximately $1.4 billion in ETH and stETH . The incident was discovered by analyst ZachXBT and later confirmed by Bybit, demonstrating the sophisticated nature of the attack.

Bybit CEO Ben Zhou said the attack used UI spoofing, manipulating the interface of the ETH cold storage multi-signature wallet. The hacker created a fake but legitimate-looking transaction approval screen, tricking the wallet signer.

“The signers saw a manipulated interface that appeared to come from Safe,”  Zhou explained, referring to  the multi-signature wallet management platform  .  “In fact, they accidentally allowed the smart contract logic of our ETH cold wallet to be modified, allowing the hackers to gain complete control and steal over a billion dollars in funds.”

Zhou assured that  all other cold wallets are safe  and  withdrawals are still going through normally . The exchange is currently working with security experts to track down the stolen funds .

Bybit Pauses ETH Deposits
Bybit suspended ETH deposits following the attack but still allowed withdrawals. The exchange is investigating the incident and looking to recover the stolen funds. Mantle 's MNT token , which was previously linked to Bybit, fell 13% following the incident.