Bybit hacked for $1.46B in Ethereum wallet security break

Bybit, one of the most active centralized exchanges, has undergone a security incident. Over $1.46B has flowed out to four Ethereum addresses, and some of the funds are being swapped on DEX. 

On-chain investigator ZachXBT noted a series of suspicious outflows from Bybit’s wallets. Cyvers also noted abnormal activity from the Bybit wallets. Previously, the exchange was also attacked by address poisoning unrelated to the current hack. 

🚨ALERT🚨Our system has detected abnormal activity, including suspicious behavior involving the @Bybit_Official wallet!
Several wallets are exhibiting highly suspicious patterns, and we are actively reaching out to the exchange to warn them. The total affected assets are… pic.twitter.com/iAQqlgU4Rf

— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) February 21, 2025

The exchange saw outflows of $1.46B for mETH and stETH, which is being swapped back into ETH through DEX. The ETH can then be mixed and remain untraceable, causing one of the first big security incidents against an exchange for 2025. 

Bybit explained the attack as a diversion of funds, which manipulated the destination address. The exchange was otherwise carrying out a routine operation of moving funds between its cold wallet and a hot wallet. 

ZachXBT narrowed down the incident outflows to five flagged wallets, suggesting all other exchanges and services should blacklist them.

Cryptopolitan Academy: FREE Web3 Resume Cheat Sheet - Download Now