Recently, the Dubai-based cryptocurrency exchange Bybit was hacked, resulting in a loss of nearly $1.5 billion in digital assets.
Data from blockchain analytics firm Elliptic shows that this hack has become the largest-scale crypto theft in history, surpassing the $611 million theft loss suffered by Poly Network in 2021.
The attack occurred on an offline Ethereum wallet of Bybit. Blockchain analyst ZachXBT posted on Telegram that the hacker transferred about $1.46 billion worth of assets (over 400,000 Ethereum) out of the wallet through a series of suspicious transactions. Research company Arkham Intelligence also confirmed that about $1.4 billion flowed out of the exchange and posted on platform X: "These funds have begun to be transferred to new addresses and are being sold."
Bybit stated that after the incident, there was a surge in withdrawal requests.
CEO and founder Ben Zhou said this might be "the most severe hack in history," and all functions of Bybit have now returned to normal, including the withdrawal system, where people can "withdraw any amount without any delay."
Bybit described the theft as an "isolated incident" and stated that all other wallets and assets are secure, and customer funds were not affected.
The company is working with "blockchain forensics experts" to track the stolen funds, and the case has also been reported to the "relevant authorities."
It is noteworthy that many industry partners are working overnight to help Bybit find a solution. The company posted on X: "One of the best technical experts spent hours identifying the root cause and provided Bybit with the first investigation report. He even took the first flight to Dubai and joined our security team to assist in the ongoing investigation."
Currently, the company's assets exceed $20 billion, enough to cover the theft losses. If necessary, it will use bridge loans to ensure the availability of user funds.
CEO Ben Zhou posted on X: "Even if the losses from this hack cannot be recovered, Bybit is solvent."
It is reported that Bybit was launched in 2018, has over 40 million users worldwide, and is the second-largest cryptocurrency exchange globally.
Bybit stated that if cybersecurity experts can help fully recover the losses, they will receive a reward of up to $140 million.
Bybit is calling on cybersecurity and cryptocurrency experts to join the hunt for the hackers, with 10% of the recovered amount as their reward.
Bybit CEO Ben Zhou also acknowledged the incident on platform X. To address customer concerns, Zhou also conducted a live broadcast, emphasizing the security of the exchange's funds and revealing that the platform has applied for bridge loans with partners, having raised about 80% of the funds to cover the losses. Meanwhile, Bybit will attempt to recover the funds and take necessary legal actions against the hackers.
Zhou assured users during the live broadcast: "Your funds are safe, and our withdrawal channels remain open. After the hacking incident, the exchange has processed over 70% of withdrawal requests." He also mentioned that the exchange has not purchased any Ethereum to compensate for the stolen assets.
This hacking incident has had a significant impact on the cryptocurrency market. Once the incident was exposed, the price of Ethereum dropped by 6.7% on the same day, and Bitcoin also fell nearly 3% from its high of the day. Additionally, the "synthetic dollar" token USDe, popular among cryptocurrency traders, was also affected, briefly losing its 1:1 peg with the dollar, falling to $0.98.
Founded in 2018, Bybit is one of the largest cryptocurrency exchanges globally, with a daily trading volume exceeding $36 billion. According to CoinMarketCap data, Bybit had about $16.2 billion in platform assets before the hacking incident, meaning the stolen Ethereum accounted for about 9% of its total assets.
