Samson 2025/02/28

Bybit, the world's leading cryptocurrency exchange, suffered a major hacking attack on February 21st (EST) that resulted in a loss of approximately $1.46 billion (about 400,000 ETH and stETH), making it one of the largest thefts in cryptocurrency history, even surpassing Poly Network's $611 million hack in 2021.

The attack targeted an offline Ether cold wallet at Bybit, where hackers transferred assets to a new address through a series of suspicious transactions that were quickly realized. The announcement triggered panic in the market, with the price of Bitcoin and Ether falling sharply in a short period of time. The price of Ether dropped by about 8% and Bitcoin by about 4.6%, while the cryptocurrency market experienced a massive liquidation, with nearly 170,000 people liquidated for a total of US$572 million.

The Exchange's response

Ben Zhou, CEO of Bybit, acknowledged the incident on the social media platform X immediately after it occurred and emphasized that the platform is still operating normally. He pointed out that the exchange has been working with its partners to raise funds for the transition. In addition, Bybit emphasized that all customer funds are still safe, that withdrawal channels are still open, and that it successfully processed more than 350,000 withdrawal requests in the 10 hours following the hacking attack.

In addition, other exchanges stepped in to help Bybit stabilize its liquidity. For example, Bitget quickly transferred 40,000 ETH (~$106 million) to Bybit's cold wallet to support its funding stability, and Binance and MEXC also saw funds flow into Bybit, demonstrating the industry's united response.

According to blockchain data analyst DeFiLlama, the Bybit exchange saw a net outflow of $3.6 billion from February 21st through the 27th. This indicates that the market's confidence in the platform has been challenged. Nevertheless, Bybit has launched a campaign to recover the stolen funds and is working with blockchain security firms to investigate the source of the hackers and their methods of attack in order to prevent similar incidents in the future.

The impact of this attack is not only limited to Bybit, but also has far-reaching implications for the cryptocurrency market as a whole. This incident has exposed the vulnerability of crypto exchanges' security mechanisms and has prompted the industry to think about how to further strengthen security measures, such as increasing the defense level of cold wallet management, strengthening multi-signature mechanisms, and even pushing for stricter reserve transparency policies.

The Impact of Hacking on the Cryptocurrency Industry

The Bybit hack was the largest security incident in the history of cryptocurrencies, not only hitting the exchange itself, but also raising questions about the security of centralized exchanges. The Bybit incident proves once again that even larger platforms can't completely eliminate security risks, and may prompt more users to turn to decentralized exchanges to reduce their reliance on centralized organizations.

Historically, DEX trading volume tends to rise significantly whenever a major security incident occurs on a centralized exchange, such as the dramatic growth in trading volume on DEXs like Uniswap and Curve after the FTX crash. This Bybit incident may further motivate institutional investors to choose DEX solutions to reduce third-party risk.

This incident could accelerate the scrutiny of crypto exchanges by regulators, such as the U.S. Securities and Exchange Commission (SEC) and the Financial Action Task Force (FATF), which have been gradually raising the bar on CEX regulation. In the future, regulators may require exchanges to provide more transparent proof of reserves (PoR) and mandate them to purchase hacker insurance to ensure that customer assets are protected even in the event of a major attack. Binance's SAFU Fund provides a model for the industry to follow, and confidence could be partially restored if Bybit establishes a similar protection mechanism.

Event Updates

In a post on X, Ben Zhou said Bybit has completely filled the ETH funding gap and plans to release an audited Proof of Reserve (PoR) report to prove the platform maintains a 1:1 reserve covering 100% of customer assets to ensure funding transparency. The report will verify the asset status through the Merkle Tree, and Ben Zhou encourages everyone to stay tuned for updates. Lookonchain data shows that since Bybit was hacked, Bybit has replenished 446,870 ETH (~US$1.23 billion) in a short period of time through loans, deposits from large accounts, and ETH purchases.

Bybit's Approach to Hacking Attacks

CEO Ben Zhou demonstrated a strong sense of crisis management by responding quickly to the incident, adopting a transparent communication strategy, and maintaining withdrawal functionality within a short period of time to minimize market panic. This is in stark contrast to many cryptocurrency exchanges that choose to cover up, delay their response, or even shut down withdrawals in the event of an attack. For example, FTX's bankruptcy was characterized by information confusion, and Binance's delayed response to market pressure caused concern among its users. Bybit's response this time was relatively decisive, but we will have to wait and see how it plays out.

How should investors deal with such risks?

The hacking attack on Bybit is another reminder to investors that while the cryptocurrency market is full of opportunities, the safety of your assets is always a priority. When choosing an exchange, you should prioritize security and transparency to reduce potential risks.

First, investors can judge the financial status of exchanges through the Proof of Reserve (PoR), a mechanism that allows exchanges to disclose their asset reserves to ensure that they have sufficient funds to meet withdrawal needs. For example, Binance and OKX both publish regular reserve reports (8). Choosing an exchange with a complete proof of reserves can effectively reduce the risk of capital security.

In addition, an exchange's security record should also be taken into account, such as whether there have been any hacking attacks, whether the management of funds is sound, and whether there is any record of delayed withdrawals. Large exchanges such as Binance and Coinbase are usually able to respond quickly to security incidents, while some smaller exchanges may not be able to withstand similar risks.

The most important thing is that investors should be proactive in protecting their assets rather than relying entirely on the exchanges. Here are two key strategies:

  • Use of hardware wallets (e.g. Ledger, Trezor)
    Hardware wallets are the safest way to store cryptocurrencies because the private keys are kept offline, out of reach of remote attackers. Long-term holdings of crypto assets should be stored in a hardware wallet, not on an exchange.
  • Diversify asset storage to reduce risk
    Short-term trading funds can be held on an exchange for quick trading. Long-term investment assets should be held in cold wallets to avoid irreparable losses due to exchange hacking.

With these strategies, investors can effectively minimize the impact of exchange hacking and ensure the safety of their assets.

Disclaimer

The content of this article is for reference only. Investors should exercise independent judgment, invest prudently and at their own risk. This article does not provide a basis for trading or investment, nor does it attempt to persuade the audience to trade or invest; the content is for sharing purposes only and should not be regarded as investment advice. It does not represent the views and position of Monsterblockhk. All information and opinions are current as of the date of the judgment. In addition, any content on this site related to virtual asset trading platforms that have not yet obtained a license to operate virtual asset trading platforms in Hong Kong, including but not limited to text introductions, pictures, offers, events, etc., is only available to users outside the Hong Kong Special Administrative Region.

According to the Hong Kong Anti-Money Laundering and Counter-Terrorist Financing (Amendment) Ordinance 2022, after June 1, 2023, all centralized virtual asset trading platforms operating in Hong Kong or actively promoting their services to Hong Kong investors will be licensed and regulated by the SFC, and any related unlicensed activities will be a criminal offence. For more information and details of the legislation, users may refer to the SFC website.