Hacker steals record $1.46 billion from Bybit ETH cold wallet

Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.

"The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic," Bybit explained.

"As a result, the attacker was able to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address."

The crypto exchange says its security team is now investigating the incident with the help of external blockchain forensic experts. According to Bybit, anyone with the expertise to help track the stolen funds is also welcome to assist.

Bybit says all other cold wallets are fully secure, client funds are safe, and exchange operations were undisrupted by the incident.

"Please rest assured that all other cold wallets are secure. I will keep you guys posted as more develops, If any team can help us to track the stolen fund will be appreciated," Bybit's CEO said.

"Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss."

According to crypto fraud investigator ZachXBT, the exploiter has already split 10,000 ETH out of the roughly 401,346 ETH stolen in the attack to 48 addresses.

Largest crypto hack in history

With $1.46 billion worth of cryptocurrency stolen in a single attack, this is now the largest cryptocurrency hack ever, almost doubling the previous record.

In March 2022, Sky Mavis disclosed that attackers stole $620 million in cryptocurrency (173,600 Ethereum and 25.5M USDC tokens) from Axie Infinity's Ronin network bridge. In April 2022, the FBI linked that incident to two North Korean hacking groups, Lazarus and BlueNorOff (aka APT38).

One year earlier, in August 2021, a threat actor stole $611 million in Binance Chain, Ethereum, and Polygon assets from decentralized cross-chain protocol and network Poly Network.

The United States, South Korea, and Japan said in January that North Korean state-backed hacking groups stole over $659 million worth of cryptocurrency last year.

However, one month earlier, blockchain analysis company Chainalysis painted a more dire picture, saying North Korean hackers stole $1.34 billion in cryptocurrency in 47 cyberattacks throughout 2024, breaking their previous record of $1.1 billion from 2022.