Bybit Exchange Breached, $1.4 Billion in stETH Stolen

Crypto exchange Bybit has confirmed a significant loss of Ethereum (ETH) from one of its cold wallets, resulting from a highly advanced phishing attack. 

The stolen assets, which include liquid-staked Ether (stETH) and MegaETH (mETH), were valued at over $1.4 billion, according to on-chain security analyst ZackXBT.

Despite the attack, Bybit CEO Ben Zhou reassured users, stating that the exchange remains solvent, with all client assets 1:1 backed. He confirmed that even if the stolen funds are not recovered, Bybit can cover the loss.

This breach follows a series of high-profile security incidents in 2024 and early 2025, which have drained funds from several crypto exchanges. The broader crypto industry has seen an increase in hacks and scam-related activities throughout February 2025.

Following the breach, the on-chain investigator urged users to blacklist addresses linked to the hack. Zhou provided further details, revealing that a transfer from the exchange’s multisignature wallet to a warm wallet occurred about an hour before the hack. The transaction was disguised to appear legitimate but contained malicious code designed to alter the wallet’s smart contract logic and siphon off funds.

Despite the setback, Zhou reassured customers that Bybit is fully capable of covering the loss, emphasizing that the exchange is solvent and all client assets are securely backed.

Disclaimer

This article is provided for informational purposes only and does not constitute legal, financial, or professional advice. All content is based on publicly available information and personal opinions. Readers are advised to seek professional guidance before making any decisions or taking any actions based upon the material presented. The author and publisher assume no liability for any actions taken or not taken by the reader based on the information contained herein.