A hacker breached Bybit’s ETH cold wallet on Feb. 21, stealing over $1.4 billion in staked Ether, Mantle Staked ETH (mETH), and other ERC-20 tokens. Onchain analyst ZachXBT detected the incident and warned users to blacklist related addresses.
Bybit CEO Ben Zhou confirmed the breach, explaining that a transfer from the exchange’s multisig wallet to a warm wallet contained malicious code that altered smart contract logic to siphon funds. He assured users that other cold wallets remain secure, withdrawals are normal, and client assets are fully backed.
Despite the attack, Bybit stated that operations continue without disruption. The hack, one of the largest in crypto history, triggered a 3% drop in Ether’s price.