Bybit has suffered a massive security breach, with hackers stealing nearly $1.5 billion in crypto assets. This is one of the biggest crypto heists ever, and the way it happened is both shocking and sophisticated.
Reports reveal that the attackers exploited a critical weakness in Bybit’s system, using a clever trick to drain funds before anyone could react. Crypto analyst David Leung has broken down exactly what went wrong, exposing major security flaws that left Bybit vulnerable.
So, how did the hackers pull this off? And what does this mean for crypto security? Let’s dive in.
According to Arkham, the breach was carried out using “Blind Signing” – a method where transactions get approved without showing full details. The attackers used this weakness to access Bybit’s ETH cold wallet, transferring nearly $1.5 billion into one wallet before splitting it across multiple addresses.
This hack raises concerns about crypto security and asset recovery. Since there are no uniform international laws for such crimes, recovering stolen funds will be difficult. In response, Bybit has offered a 50,000 ARKM bounty for any information on the hackers, while investigations continue.
The hackers used a trojan contract along with a backdoor contract, targeting Bybit’s upgradeable multisig wallet. They tricked the wallet’s signers into approving what looked like a regular ERC-20 token transfer. However, hidden inside the transaction was a delegate call—a function that altered the wallet’s core logic.
Instead of just transferring tokens, the hackers swapped Bybit’s master contract with their own malicious version, giving them full control over the wallet. Once inside, they quickly drained all ETH, mETH, stETH, and cmETH tokens before Bybit could react.
Leung pointed out several red flags that should have blocked the attack:
Despite these warning signs, the transaction was approved—suggesting that the attackers had inside knowledge of Bybit’s system.
Leung stressed that stronger security checks before and after signing transactions could have stopped the attack. If independent reviews had been in place, the suspicious elements could have been flagged before approval.
This attack shows how crypto hacks are becoming more advanced, highlighting the urgent need for better security practices across the industry. Crypto exchanges must tighten security measures to prevent similar breaches in the future.
This breach is a stark reminder: in crypto, even the most ‘secure’ platforms can have hidden cracks.
The cryptocurrency market recorded more than $841 million in total forced liquidations during the last…
Ever since the start of the week, the Bitcoin price has been facing significant bearish…
Nimanode, the first no-code AI agent platform built natively on the XRP Ledger (XRPL), is…
With Bitcoin (BTC) ranging between $105,000 and $110,000, attention is gradually shifting to altcoins, causing…
The crypto markets are consolidating ahead of the $5 billion liquidity entering the space, as…
Per reports from crypto commentators, the Ripple price might be soaring to $5 in the…