- CEO confirms Bybit was exploited for $1.4 billion in ETH.
- Despite the massive loss, Bybit remains solvent and can cover the losses, Ben Zhou says in a post on X.
Bybit has suffered a major breach in which a hacker stole and staked more than $1.4 billion worth of ETH.
Ben Zhou, the CEO of the crypto exchange, confirmed the hack on X on Friday, explaining that the attacker exploited a vulnerability that allowed them to drain one of the exchange’s ETH cold wallets. News of the incident — one of the largest hacks in the market — pushed several crypto prices lower.
Ethereum’s price gave back some of its intraday gains, although the market reaction remained relatively muted at the time of writing.
Exchange is solvent, says Bybit CEO
Bybit also posted an update with details about the incident:
“Bybit detected unauthorized activity related to one of our ETH cold wallets. The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, that transaction was manipulated by a sophisticated attack that masked the signing interface, displayed the expected address, and altered the underlying smart contract logic. As a result, the attacker gained control of the affected ETH cold wallet and moved its assets to an unknown address.”
Although the exchange was hit by the attack, Zhou stated that Bybit remains “solvent” and can cover the losses. He also noted that customer withdrawals were not affected. “Bybit is solvent, even if this hack loss is not recovered,” he wrote on X. “All customer assets are covered 1-for-1; we can absorb the loss.”
Several blockchain security firms and researchers, including ZachXBT, observed that the hacker had already begun moving funds to new addresses.
Meanwhile, blockchain intelligence firm Arkham announced a reward as ecosystem participants work to unmask the attacker’s identity.