In a turn of events that would make even the most seasoned cynic raise an eyebrow, ByBit exchange has found itself the unwitting star of a rather unfortunate drama, having lost a staggering $1.5 billion in ETH on the 21st of February. One can only imagine the collective gasp from the crypto community, akin to a Victorian drawing-room upon hearing a scandalous rumor.
While the entire platform remains unscathed—thank heavens for small mercies—one of its multi-signature cold wallets has been thoroughly compromised. The hacker, it seems, managed to outwit the ByBit team with the finesse of a seasoned con artist, withdrawing billions as if they were merely borrowing a cup of sugar.
This latest escapade echoes the infamous WazirX hack of yore, where a mere $234.9 million was spirited away with similar aplomb. One can only wonder if these hackers are attending the same masterclass in digital larceny.
As it stands, ByBit has assured its users that their funds are safe, boasting a 1:1 reserve ratio. Yet, one cannot help but picture the anxious faces of millions of users, akin to children left alone in a candy store with a sign that reads “Closed for Repairs.”
Now, let us delve into the sordid details of how this grand heist unfolded, shall we?
The Mechanics of Mayhem: How Did the ByBit Hack Occur?
As is customary in the realm of crypto calamities, cold wallets and multisig wallets are at the heart of this debacle. ByBit, like its contemporaries, employs multisig wallets to add a veneer of security to user funds. These wallets, requiring multiple approvals, are meant to be the digital equivalent of a bank vault—albeit one with a rather flimsy lock.
The Art of Musking
In a stroke of sheer audacity, the hackers employed a technique dubbed “Musking,” as elucidated by Bybit’s own CEO, Ben Zhou. This delightful term refers to a form of UI spoofing, where the transaction details are artfully altered, leading the unsuspecting signers to believe they are executing a benign transaction. It’s like convincing a bank teller that a counterfeit check is, in fact, a winning lottery ticket.
Here’s how the ruse unfolded:
- Fake Transaction Interface
The hackers, with the cunning of a fox in a henhouse, manipulated Bybit’s transaction interface—courtesy of the esteemed security firm Safe—crafting a request that looked as legitimate as a royal decree.
- Approval from Bybit Multisig Signers
Believing they were merely signing off on a routine transfer, the Bybit team unwittingly approved the transaction, likely thinking it was just another day at the office. Little did they know, they were signing away a cool $1.3 billion in one fell swoop.
- Control of the Wallet
With the signatures in hand, the hackers seized control of the wallet, moving the funds with the alacrity of a cat burglar in the night. It’s worth noting that not all wallets were compromised—only the one assigned to that particular multisig was accessed. A small mercy, perhaps?
- Transfer of Funds
Once in control, the hackers began their merry dance, transferring funds to a plethora of unknown addresses. According to Arkham Intelligence, the nefarious individual now holds a staggering $1.3 billion of stolen ETH across 53 different wallets. One can only imagine the hacker’s glee, akin to a child in a candy store.
WE’VE COMPILED A LIST OF BYBIT HACKER WALLETS
The Bybit Hacker currently holds $1.37B of ETH and has used 53 wallets so far.
Wallet list below:
— Arkham (@arkham) February 21, 2025
What Do the Experts Say?
While the incident may appear straightforward to the untrained eye, the intricacies of the security breach are anything but. A team of blockchain security experts, aptly named Dilation Effect, posits that only one signer needed to be compromised for the attack to succeed, thanks to a rather sophisticated social engineering ploy.
Experts suggest that by scrutinizing the on-chain transactions, one can observe the attacker executing the transfer function of a malicious contract through a delegatecall. The transfer code, employing the SSTORE instruction, cleverly modifies the value of slot 0, thereby altering the implementation address of the Bybit cold wallet multisig contract to the attacker’s own address. Quite the clever ruse, wouldn’t you agree?
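The spoofed interface and the delegatecall described above both come down to signers not seeing the raw operation field of what they approved. The following is an added example, not code from ByBit, Safe or the article: a pre-signing check that decodes a Safe execTransaction payload independently of any UI and flags a delegatecall to a target outside an allowlist. The function names, the allowlist policy and the sample addresses are assumptions made for illustration.

```python
# Added example: decode Safe execTransaction calldata without trusting any UI.
SELECTOR = bytes.fromhex("6a761202")  # execTransaction(address,uint256,bytes,uint8,...)
CALL, DELEGATECALL = 0, 1             # Safe Enum.Operation values

def _uint(buf: bytes, i: int) -> int:
    return int.from_bytes(buf[32 * i:32 * i + 32], "big")

def decode_exec_transaction(calldata: bytes) -> dict:
    """Return the fields a signer must check: to, value, operation, inner data."""
    if calldata[:4] != SELECTOR:
        raise ValueError("not a Safe execTransaction call")
    args = calldata[4:]
    if len(args) < 10 * 32:
        raise ValueError("truncated argument head")
    off = _uint(args, 2)                       # offset of the dynamic `data` field
    length = int.from_bytes(args[off:off + 32], "big")
    data = args[off + 32:off + 32 + length]
    if off + 32 > len(args) or len(data) != length:
        raise ValueError("inner data out of bounds")
    return {"to": "0x" + args[12:32].hex(), "value": _uint(args, 1),
            "operation": _uint(args, 3), "data": data}

def review(calldata: bytes, delegatecall_allowlist: set) -> list:
    """Findings that should block signing; allowlist entries are lowercase hex."""
    tx, findings = decode_exec_transaction(calldata), []
    if tx["operation"] == DELEGATECALL and tx["to"] not in delegatecall_allowlist:
        findings.append(f"DELEGATECALL to unlisted target {tx['to']}: its code runs "
                        "against the wallet's own storage, slot 0 included")
    elif tx["operation"] not in (CALL, DELEGATECALL):
        findings.append(f"unknown operation value {tx['operation']}")
    return findings

def build_sample(to: str, operation: int, inner: bytes) -> bytes:
    """Constructed test input (not a real transaction): zero gas fields, no signatures."""
    w = lambda n: n.to_bytes(32, "big")
    padded = inner + b"\0" * (-len(inner) % 32)
    head = [w(int(to, 16)), w(0), w(320), w(operation)] + [w(0)] * 5
    head.append(w(320 + 32 + len(padded)))     # offset of the empty `signatures` field
    return SELECTOR + b"".join(head) + w(len(inner)) + padded + w(0)

# Constructed inner call shaped like transfer(address,uint256); all values are placeholders.
INNER = bytes.fromhex("a9059cbb") + (0xBEEF).to_bytes(32, "big") + (0).to_bytes(32, "big")
UNKNOWN = "0x" + "11" * 20   # placeholder for a target nobody has vetted
LISTED = "0x" + "22" * 20    # placeholder for a vetted library contract

if __name__ == "__main__":
    for finding in review(build_sample(UNKNOWN, DELEGATECALL, INNER), {LISTED}):
        print(finding)
```

The same inner bytes pass as an ordinary call and fail as a delegatecall, which is why the operation field has to be checked on a device or tool separate from the interface that proposed the transaction.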
The Current Status of Stolen Funds
As the hacker has deftly transferred assets to various addresses, tracking the funds has become a Herculean task. Unlike previous escapades, this time the hacker has refrained from sending funds to the crypto mixer Tornado Cash, opting instead for a more subtle approach. Perhaps they’re saving that for a rainy day?
This latest debacle has once again ignited security concerns within the crypto sphere. Despite the implementation of cutting-edge security measures, it appears that hackers continue to outsmart the system. However, as the funds remain nestled in Ethereum wallets, there lingers a glimmer of hope for potential white-hat recovery, as the hackers seem reluctant to vanish entirely from the public eye.
2025-02-21 22:31