Bybit CEO and founder Ben Zhou
Dubai-based cryptocurrency exchange Bybit has confirmed the loss of $1.5bn (approximately Dh5.51bn) in digital assets after hackers carried out a “sophisticated attack”, marking the biggest such heist in the industry’s history.
An attacker allegedly gained control of an ether cold wallet and transferred around $1.5bn worth of holdings to an unidentified address. The company says the incident has led to a “surge” in withdrawal requests, but that withdrawals have not been halted and all other wallets remain secure.
CEO and founder Ben Zhou described the breach as the “worst hack possibly in the history of any medians (banks, crypto, finance)”.
He added that all Bybit functions remain fully operational, with the withdrawal system now back to normal so that users can “withdraw any amount and experience no delays”. In the “sleepless” hours following the attack, the company revealed it had borrowed Ethereum (ETH) to facilitate withdrawals.
Explaining what happened, Bybit stated it detected “unauthorised activity” within an ETH cold wallet during a routine transfer process, with hackers manipulating the transaction and resulting in the loss of over 400,000 ETH. The theft has been called an “isolated incident”, with the company asserting that all other cold wallets and assets are secure and client funds unaffected.
Apologising for the incident, Zhou said: “We want to reassure you that all other Bybit Cold Wallets are safe, and client funds are unaffected and remain secure.”
At a valuation of over $20bn, Bybit has declared that it has “more than enough assets” to cover the loss and will use a bridge loan if necessary to ensure the availability of user funds.
In a post on X, CEO Zhou stated: “Bybit is solvent even if this hack loss is not recovered, all … clients assets are 1:1 backed, we can cover the loss,” and later reiterated: “Bybit is solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss,”
The exchange is now working with “leading blockchain forensic experts” to trace the stolen funds.
It added, “Our security team is investigating the root cause, with particular attention being given to a potential vulnerability in the user interface of the Safe.global platform, which may have been exploited during the transaction process.”
The case has been reported to the “appropriate authorities”, and Bybit has taken steps to “mitigate and counter the ability” of the hackers in “disposing and dumping the ETH on the markets via legitimate marketplace, narrowing the available outlets of disposal.”
Highlighting the effort that followed, the company noted, “One of the most brilliant tech experts dedicated hours to identifying the root cause and provided Bybit with the first investigation report. The depth and professionalism of this report are remarkable. He even took the first flight to Dubai on his own initiative to join our security team and assist in the ongoing investigation—purely out of commitment to the industry,” in a post on X.
In a separate statement, Bybit said, “All client funds are safe, and our operations continue as usual without any disruption.” The exchange reportedly caters to a vast user base of over 40 million users.
Ben Zhou’s Livestream on the Latest ETH Wallet Incident LIVE now. https://t.co/mBwD9ubGIl
— Bybit (@Bybit_Official) February 21, 2025
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js?v=next’);
