Cryptocurrency exchange Bybit on Friday said a cyberattack allowed hackers to steal roughly $1.5 billion worth of digital currency.
Bybit, which claims more than 60 million users and more than $36 billion in daily trading volume, said a sophisticated cyberattack “altered the smart contract logic and masked the signing interface, enabling the attacker to gain control of the ETH Cold Wallet.”
As a result, over 400,000 ETH and stETH worth more than $1.5 billion were transferred to an unidentified address, Bybit said.
The company said that a potential vulnerability in the user interface of the Safe.global platform may have been exploited during the transaction process, but did not provide any technical details.
The company said the news of the hack led to a surge in withdrawal requests, but cryptocurrency holdings with the exchange were safe, despite possible delays in processing withdrawals.
Ben Zhou, CEO of Bybit, said that the exchange would remain solvent even if the stolen crypto funds were not recovered. “Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss,” he noted on X.
Bybit claims to have “more than enough assets to cover the loss, with AUM exceeding $20 billion”, and said it would use a bridge loan if necessary to ensure the availability of user funds.
According to fresh data from Chainalysis, cryptocurrency criminal activity surged in 2024, marking the fifth year in the past decade where losses exceeded $1 billion, with $2.2 billion stolen — a 20% year-over-year increase.
UPDATE: Multiple companies and experts have linked the attack to North Korean hackers.
Related: FBI Blames North Korea for $308M Cryptocurrency Hack as Losses Surge in 2024
