Bybit Suffers $1.4 Billion Ethereum Hack
Bybit exchange hacked; $1.4 billion in ETH and stETH stolen. User funds remain secure.
- Bybit loses $1.4 billion in ETH and stETH due to phishing attack.
- Attackers exploited a cold wallet via masked UI spoofing.
- User funds are unaffected; withdrawals continue as normal.
Phishing Attack Leads to Massive Loss
On February 21, 2025, cryptocurrency exchange Bybit experienced a significant security breach, resulting in the loss of over $1.4 billion in Ethereum (ETH) and staked Ethereum (stETH). The breach was identified as a sophisticated phishing attack targeting one of Bybit’s cold wallets. On-chain analyst ZachXBT first reported the suspicious outflows, noting that approximately $1.46 billion had been transferred from Bybit’s wallets.
Exploiting Cold Wallets Through Masked UI Spoofing
The attackers employed a technique known as masked UI spoofing. This method deceived Bybit’s security team into authorizing a malicious transaction by presenting a legitimate-looking user interface. The interface displayed the correct wallet address and URL, making the transaction appear authentic. However, the underlying transaction contained malicious code that altered the smart contract logic of the targeted cold wallet, granting the attackers control and enabling them to drain its ETH holdings.
JUST IN: Bybit crypto exchange hacked, $1.4 billion $ETH and $stETH stolen, ZachXBT reports.
— Watcher.Guru (@WatcherGuru) February 21, 2025
User Funds Remain Secure
Despite the substantial loss, Bybit has assured its users that the breach was isolated to a single cold wallet. All other cold wallets remain secure, and user withdrawals are proceeding without interruption. The exchange emphasized that customer funds are safe and that the stolen assets represent only a portion of their overall reserves
