Over $1.44 billion stolen, the biggest security incident in the crypto space: Panoramic link tracking analysis of the Bybit incident


The Bybit incident reflects the vulnerability of the entire crypto industry in security protection.

Author: Beosin

At 11:20 pm Beijing time on February 21, ZachXBT published a post revealing shocking news for the crypto industry: "Suspicious fund outflows detected from Bybit, with a scale of up to $1.46 Billion." The incident has drawn widespread attention across the crypto space.

According to the monitoring data of the blockchain security and compliance company Beosin Trace, Bybit indeed encountered an unprecedented security incident, resulting in the withdrawal of approximately $1.44 Billion in assets. The stolen assets include:

401,347 ETH, worth $1.12 Billion; 90,376 stETH, worth $253.16 Million; 15,000 cmETH, worth $44.13 Million; 8,000 mETH, worth $23 Million.

With over $1.4 Billion in ETH-related assets stolen, this is perhaps the largest security incident in the history of the crypto industry by amount stolen, and it has further exacerbated market concerns about ETH price performance and Bybit's asset security.

Hacker Tactics and Incident Details

Subsequent investigations revealed the specific details of the attack on Bybit. Bybit co-founder Ben Zhou promptly confirmed the incident, stating that Bybit's official cold wallet had been hacked and that the team had begun urgently addressing the related security issues.

According to the Beosin security team's analysis, the attack method in this incident is similar to the WazirX case: deception through the front-end UI led the multi-signature wallet to sign malicious content, the wallet's logic implementation contract was tampered with, and funds were then transferred out of the multi-signature wallet.
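
A pre-signing check for the failure described above, where the front-end UI shows one thing and the multi-signature wallet signs another. This is an added example, not Beosin's or Bybit's code; the Proposal fields, the operation codes and the review function are an assumed model of a proxy-based multisig wallet, and the sample addresses are constructed.

```python
from dataclasses import dataclass

CALL, DELEGATECALL = 0, 1  # operation codes assumed for this model


@dataclass(frozen=True)
class Proposal:
    """Raw transaction the multisig owners are asked to sign (hypothetical model)."""
    to: str         # target address
    value: int      # amount in wei
    data: bytes     # calldata
    operation: int  # CALL or DELEGATECALL


def review(raw, ui_claim, trusted_delegates=frozenset()):
    """Compare the raw payload with the UI summary; return a list of findings."""
    findings = []
    if raw.to.lower() != ui_claim["to"].lower():
        findings.append("target differs from UI summary")
    if raw.value != ui_claim["value"]:
        findings.append("value differs from UI summary")
    if ui_claim["kind"] == "plain transfer" and raw.data:
        findings.append("calldata present on a transfer shown as plain")
    if raw.operation not in (CALL, DELEGATECALL):
        findings.append("unknown operation code")
    elif raw.operation == DELEGATECALL and raw.to.lower() not in trusted_delegates:
        # Delegated code runs against the wallet's own storage, which is where
        # a proxy wallet keeps the pointer to its logic implementation contract.
        findings.append("delegatecall to untrusted target")
    return findings


# Constructed sample data: placeholder addresses, not taken from the incident.
TREASURY = "0x" + "11" * 20
UNKNOWN = "0x" + "99" * 20
UI_CLAIM = {"kind": "plain transfer", "to": TREASURY, "value": 10**18}
MATCHING = Proposal(TREASURY, 10**18, b"", CALL)
MISMATCHED = Proposal(UNKNOWN, 0, bytes.fromhex("deadbeef"), DELEGATECALL)

if __name__ == "__main__":
    for name, raw in (("matching", MATCHING), ("mismatched", MISMATCHED)):
        result = review(raw, UI_CLAIM)
        print(name, "->", "OK to sign" if not result else result)
```

The check is only useful when it runs on a device and code path independent of the front end that built the proposal, so that a compromised UI cannot also alter the review.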

Beosin Trace has tracked the funds, which are currently split into groups of 10,000 ETH and held in more than 40 Ethereum addresses. All of the hacker's addresses have been added to the Beosin label library, and Beosin KYT will alert on any fund transfer involving those addresses.

Analyzing the hacker's initial attack address, the Beosin security team found that the gas fees for the address were funded from Binance.

The four corresponding Binance withdrawal transaction hashes are:

0x64953fc1432bf106f5e8d6b0927a39130865fec013d8403bba8fc4382515884c

0xb9f9e43dc23bdb7b231925dc01e828990d3f84b8ad3305e83ffb6848711f871c

0xd6d871deece52f15e3f2c523dffad4b85c63125d72e4de702445a654de5ce100

0x0afa81cc9c0b0bfc4a9cd46c33bcdecf58199513e7c051e5a9df1617c211f69f

Bybit's Response and Actions

At 12:07 am on the 22nd, Bybit co-founder Ben Zhou responded: "Even though the losses from this hacker attack cannot be recovered, Bybit's assets are still 1:1 guaranteed, and we can bear the losses."

On the morning of the 22nd at 8:54 AM, Bybit co-founder and CEO Ben Zhou posted on the X platform stating: "Since the hacking incident (10 hours ago), Bybit has experienced the most withdrawals we have ever encountered, with a total of over 350,000 withdrawal requests received, and about 2,100 withdrawal requests still pending. Overall, 99.994% of withdrawal requests have been successfully processed. If your withdrawal has been completed, please leave a message here. Although we may have faced the most severe hacking attack in the history of any platform (including banks, crypto, and finance), all Bybit functions and products are still operating normally. The entire team has been working through the night to address and respond to customer issues and concerns. All hands on deck. Rest assured, we are with you."

At 10:51 AM, Ben Zhou posted on the X platform stating: "12 hours have passed since the most severe hacking incident in history. All withdrawals have been processed. Our withdrawal system has now fully recovered to normal speed, and you can withdraw any amount without any delays. Thank you for your patience, and we deeply apologize for this. Bybit will release a full incident report and security measures in the coming days. I will also personally update you on any new developments. Thank you to our customers, friends, and partners who have helped and supported us during these painful 12 hours. The real work has just begun."

Industry Alarm on Security Issues

Bybit's experience reflects the fragility of the entire crypto industry in terms of security protection. The decentralized nature of the crypto asset market and the operational model of exchanges have always posed significant security risks. As the hub of crypto assets, the security issues of centralized exchanges directly affect the asset safety of users and the stability of the entire market.

In fact, security incidents in the crypto industry are commonplace. Historically, many exchanges and platforms have experienced similar hacking attacks, and even more severe theft of funds. For example, the explosive Mt. Gox incident, or the recent theft cases at exchanges like WazirX and Kucoin, have all shaken the crypto market. The occurrence of the Bybit incident has once again sounded the alarm for the industry.

The hacking attack on Bybit is not only a technical lesson for the crypto platform, but also a profound warning to the entire crypto industry. The security issues of exchanges are directly related to the healthy development of the market, and there is still a lot of work to be done by industry players to strengthen security protection and improve technical capabilities. For users, enhancing risk awareness and choosing platforms with higher security will also be an indispensable part of future digital asset investment.

Disclaimer: As a blockchain information platform, the articles published on this site only represent the personal views of the authors and guests, and are not related to the position of Web3Caff. The information in the articles is for reference only and does not constitute any investment advice or offer, and please comply with the relevant laws and regulations of your country or region.
