Over $1.4 Billion in stETH and mETH Stolen in Bybit Hack
On February 21, 2025, cryptocurrency exchange Bybit experienced a massive security breach, resulting in the loss of more than $1.4 billion in liquid-staked Ether (stETH) and MegaETH (mETH). On-chain security analyst ZackXBT was the first to report the attack, urging the crypto community to blacklist the hacker’s addresses.
How the Hack Unfolded
Bybit’s co-founder and CEO, Ben Zhou, confirmed the breach, detailing how the attack was executed. Roughly an hour before the incident was made public, a transfer was initiated from the exchange’s multisignature wallet to a warm wallet. While this transaction appeared legitimate, it contained malicious code that altered the smart contract’s logic, allowing hackers to siphon off the funds.
Zhou reassured users that all other cold wallets remained secure and that withdrawals were operating as usual. He also called on the crypto community to help trace the stolen assets.
Ongoing Security Risks in Crypto Exchanges
This incident highlights the ongoing security challenges faced by centralized cryptocurrency exchanges. Despite implementing advanced protective measures, hackers continue to find vulnerabilities to exploit.
To mitigate risks, users should:
- Store assets in hardware wallets or other cold storage solutions.
- Regularly update security protocols and enable two-factor authentication (2FA).
- Stay informed about the security practices of exchanges they use.
The Bybit hack serves as a stark reminder of the importance of robust security measures in the crypto space. As cyber threats evolve, traders and investors must take proactive steps to safeguard their digital assets.
