Dubai-based cryptocurrency exchange Bybit has fallen victim to the largest hack in the history of digital assets, with attackers exploiting the platform for over $1.44 billion in Ethereum (ETH) on February 21.
The unprecedented scale of this cyberattack accounts for more than 60% of all crypto funds stolen in 2024, setting a new record for the industry’s most significant security breach.
Despite the devastating attack, Bybit has assured users that customer funds remain intact, with the exchange fully operational and committed to bearing any losses.
CertiK and Wall Street Journal Confirm Largest Theft in Crypto History
The Wall Street Journal, citing Web3.0 security agency CertiK, confirmed that this Bybit exploit is the largest single theft in cryptocurrency history.
In response, Bybit swiftly reported the incident to relevant authorities and assured the public that all exchange functions, including withdrawals and trading, remain unaffected.
CEO Ben Zhou emphasized that Bybit maintains solvency and will ensure all user losses are covered.
Following the attack, withdrawal requests were successfully processed, and the system has now resumed normal operations.
How the Bybit Attack Was Executed
According to blockchain security firm SlowMist, the attackers gained unauthorized access through internal network monitoring, likely by infiltrating official Bybit staff computers.
The hackers forged a digital signature, granting them control over Bybit’s multi-signature wallet, allowing them to move funds undetected.
Speculation suggests that multiple macOS and Windows computers were compromised, giving the attackers prolonged access to internal chat logs, transaction schedules, and operational details.
Bybit CEO: “I Didn’t Sleep All Night” Amid Crisis
Bybit co-founder and CEO Ben Zhou took to the X platform (formerly Twitter) to share his personal account of the attack, revealing that he learned about the breach at approximately 10 PM on February 21.
He admitted to working through the night to manage the crisis and ensure the safety of user funds.
His stress levels were reportedly high, as he joked about wearing a WHOOP watch to monitor his well-being during the emergency.
While the full scale of the losses is yet to settle in, Zhou reassured users that Bybit remains financially stable and fully operational.
Bybit Still Holds Over $19.5 Billion in Assets
Despite the hack, Bybit’s total assets remain above $19.5 billion, according to Arkham platform data.
The exchange still holds over 450,000 ETH, valued at approximately $1.2 billion, along with significant reserves in Bitcoin (BTC), Tether (USDT), Mantle (MNT), and USD Coin (USDC).
These figures highlight Bybit’s strong financial position despite the substantial theft, reassuring investors and users about the exchange’s ongoing liquidity and stability.
Also Read: AI16Z Founder’s X Account Hacked, Scammers Spread Phony Eliza Link
Bybit Confirms User Funds Are Safe, Withdrawal System Fully Restored
Despite the historic $1.44 billion hack, Bybit has assured users that all funds remain secure and that its withdrawal system is now fully operational.
CEO Ben Zhou confirmed in a statement on X (formerly Twitter) that all pending withdrawals have been processed, and users can now access their funds without any delays or restrictions.
Zhou acknowledged the severity of the incident, calling it the “worst hacker attack in history,” but emphasized that Bybit remains solvent and fully capable of covering any losses.
He also reassured users that a full security review is underway, with the exchange planning to release a detailed incident report outlining the breach, how it was handled, and the enhanced security measures being implemented to prevent future attacks.
Bybit expressed gratitude to customers, partners, and industry supporters who stood by the exchange during the crisis.
While the immediate damage has been contained, Zhou emphasized that “the real work has just begun,” as Bybit now focuses on strengthening its security infrastructure to safeguard against future cyber threats.
Bybit Hack Triggers Major Market Reactions and Liquidations
The attack had widespread effects across the crypto market, with liquidations surpassing $325 million within 12 hours of the breach.
According to Coinglass data, ETH liquidations alone accounted for $87.9 million, with $265 million in long positions and $59.4 million in short positions being wiped out.
Furthermore, data from Deflama revealed a net outflow of $2.675 billion from Bybit, as traders scrambled to move funds to alternative exchanges.
In contrast, Binance recorded a net inflow of $1.046 billion, indicating a shift in user trust toward the industry’s largest exchange.
Bybit Hacker Now Ranks as 14th Largest ETH Holder
According to Coinbase director Conor Grogan, the Bybit hacker has become the 14th largest Ethereum holder in the world, possessing 0.42% of Ethereum’s total supply.
More than Fidelity Investments, Ethereum co-founder Vitalik Buterin, and twice the holdings of the Ethereum Foundation.
Experts suspect North Korean cybercriminals could be behind the attack, given previous large-scale hacks in the crypto industry.
Bybit has promised to release a full incident report and security roadmap in the coming days to address vulnerabilities and prevent future breaches.
Despite the setback, the exchange remains committed to transparency, security, and user protection.
SlowMist Warns Bybit Hack Is Not an Isolated Case
Blockchain security firm SlowMist has warned that Bybit is not the only platform at risk, revealing that the attackers tampered with the front-end of Safe, a multi-signature wallet system, to execute the hack.
SlowMist’s Yuxian emphasized that the Safe smart contract itself was not compromised, but rather the front-end interface was manipulated to create a deceptive effect, tricking users and administrators.
The method of attack has been used before, with North Korean hackers previously infiltrating multiple crypto platforms, including WazirX, where $230 million was stolen through a Safe multi-signature vulnerability.
Radiant Capital, which lost $50 million via a Safe multi-signature exploit, and DMM, where $305 million was stolen through a Gonco multi-signature breach.
These incidents highlight an evolving trend in cyberattacks on crypto exchanges, signaling the need for heightened security measures across the industry.
SlowMist has urged companies to enhance front-end security protocols to prevent similar breaches in the future.
Also Read: BNB Chain-Based Four.Meme Suffers Security Breach Of $200K As Crypto Hacks Continue