Cryptocurrency exchange Bybit has reportedly lost over $1.4 billion in liquid-staked Ether (ETH) and MegaETH (mETH) due to a security breach. The incident was flagged by onchain security analyst ZackXBT, who urged users to blacklist addresses linked to the stolen funds, Cointelegraph reported.

Bybit Confirms Breach, Investigates Stolen Funds

Following the recent Bybit security breach, Cyvers Alerts shared their findings on abnormal activity linked to the exchange.

"Our system has detected abnormal activity, including suspicious behavior involving the Bybit Official wallet. Several wallets are exhibiting highly suspicious patterns, and we are actively reaching out to the exchange to warn them," Cyvers Alerts shared on X.

🚨ALERT🚨Our system has detected abnormal activity, including suspicious behavior involving the @Bybit_Official wallet!
Several wallets are exhibiting highly suspicious patterns, and we are actively reaching out to the exchange to warn them. The total affected assets are… pic.twitter.com/iAQqlgU4Rf

— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) February 21, 2025

Bybit co-founder and CEO Ben Zhou acknowledged the hack. He stated that a transfer was made from the exchange’s multisignature wallet to a warm wallet about an hour before the breach was identified.

According to Zhou, the transaction appeared legitimate but contained malicious code. He said the attackers altered the smart contract Smart Contract A smart contract is a piece of software that automatically executes a pre-determined set of actions when a certain set of criteria or met. One of the key tenets of smart contracts is their ability to perform credible transactions without third parties and are self-executing, with their conditions written into the lines of code that form themAdditionally, these transactions are both trackable and irreversible. For example, a smart contract could be used to give royalty payouts to a musical artist A smart contract is a piece of software that automatically executes a pre-determined set of actions when a certain set of criteria or met. One of the key tenets of smart contracts is their ability to perform credible transactions without third parties and are self-executing, with their conditions written into the lines of code that form themAdditionally, these transactions are both trackable and irreversible. For example, a smart contract could be used to give royalty payouts to a musical artist Read this Term logic, allowing them to drain funds. Zhou assured users that the exchange Exchange An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectiv An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectiv Read this Term is investigating the breach.

JUST IN: Bybit founder confirms $1.4 billion $ETH hack, asserts solvency even if losses remain uncovered. pic.twitter.com/8rE3KHrGRL

— Whale Insider (@WhaleInsider) February 21, 2025

"Please rest assured that all other cold wallets are secure. All withdrawals are NORMAL. I will keep you guys posted as more develops. If any team can help us to track the stolen fund will be appreciated," Zhou wrote.

Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago. It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe . However the signing message was to change…

— Ben Zhou (@benbybit) February 21, 2025

December Sees Decline in Crypto Theft

After months of rising crypto hacks and scams, losses dropped in December 2024, marking the lowest monthly total of the year. Blockchain security firms CertiK and PeckShield reported $29 million in losses, a sharp decline from October’s peak.

Despite the decrease, notable incidents occurred, including attacks on GemPad and LastPass users. CertiK recorded $28.6 million in losses, down from $63.8 million in November. PeckShield reported $24.7 million in hack-related losses, a 71% month-over-month decrease.

GemPad suffered the most significant exploit, with attackers draining $2.1 million. FEG lost $1 million due to a cross-chain verification error. Hackers also stole $12.3 million from LastPass users following a past data breach, as reported by Finance Magnates.

While December saw a decline, crypto-related thefts in 2024 totalled $2.3 billion, a 40% increase from 2023 but lower than 2022’s $3.78 billion, according to Cyvers' Web3 Security Report.