Bybit Hacking Incident Analysis: Security Challenges of CEXs

2/22/2025, 3:00:01 AM
Beginner
Quick Reads
On February 21, 2025, the cryptocurrency exchange Bybit was hacked, with over $1.5 billion in crypto assets stolen. This article will analyze the security incident in detail, discuss the attack methods and market reactions, and propose suggestions on how cryptocurrency exchanges can enhance their security technology in the future to ensure the safety of user funds.

Overview: Bybit Theft Incident

On February 21, 2025, the cryptocurrency exchange Bybit suffered a serious security incident, resulting in the theft of assets from its Ethereum (ETH) multi-signature cold wallet. The direct loss from this incident exceeded $1.5 billion, as hackers manipulated the smart contract logic of the cold wallet through sophisticated attack methods and stole a large amount of cryptocurrency assets.

Image:Bybit Official Announcement

Attack details and hacker tactics analysis

Based on the analysis of the incident, hackers gained access to Bybit’s multi-signature cold wallet system through sophisticated means. By exploiting vulnerabilities in the front-end UI, the attackers successfully deceived the signers of the multi-signature wallet into signing malicious content in a fake interface, thus taking control of the cold wallet. Specifically, the attackers tampered with the smart contract logic, causing the signers to see the correct transaction address, while the actual signed content transferred the funds to an address controlled by the hacker.

Image:https://x.com/evilcos/status/1892979598826315830

Stolen Assets and Fund Flows

According to on-chain data analysis, the stolen assets include:

  • 401,347 ETH, about 11.2 billion US dollars;
  • 90,376 stETH, about 2.53 billion US dollars;
  • 15,000 cmETH, about $44.13 million;
  • 8,000 mETH, about 23 million US dollars.

The above prices are calculated based on the prices at the time of the theft on the evening of February 21st.

These funds were transferred by hackers to multiple addresses and exchanged stETH and mETH for ETH through decentralized exchanges (DEX) to further launder the funds. To avoid tracking, the hacker dispersed the ETH to 49 addresses on the same day, with each address transferring approximately 10,000 ETH.

Bybit official response and industry feedback

After the incident, Bybit co-founder and CEO Ben Zhou confirmed the attack on X platform and emphasized that other wallets on the platform were not affected, and user withdrawal services are normal. He stated that even if the stolen funds cannot be recovered, Bybit still has the ability to pay and can withstand this loss. On-chain analyst ZachXBT and others called on major exchanges to blacklist the hacker’s address to prevent further circulation of stolen funds. In addition, security company Beosin quickly added the relevant addresses to its KYT tag library and issued alerts.

Gate.io’s fund security measures

Gate.io will spare no effort to assist in the recovery of the stolen funds from Bybit. Exchanges in the industry attach great importance to this incident, Gate.io CEO Han Lin stated that they will strengthen industry cooperation to enhance crypto security together.

Image:https://x.com/gate_io/status/1893010282810876194

Gate.io has always attached great importance to the security of user funds and has taken a series of innovative measures to ensure the security of platform assets. In January 2025, Gate.io announced the latest reserve data, with a total reserve of up to $10.328 billion, a reserve ratio of 128.58%, far exceeding the industry standard of 100%. Among them, Gate.io holds over 20,000 BTC and 257,000 ETH, with reserve ratios of 123.06% and 112.04% respectively. In addition, Gate.io has also introduced zero-knowledge proof (zk-SNARK) technology, further enhancing the platform’s transparency and privacy protection capabilities, allowing users to verify the adequacy of platform assets without revealing any transaction details.

In the world of cryptocurrency, security is the most critical concern for users. Gate.io is well aware of this significant responsibility and always prioritizes the security of user assets. Through meticulous management of cold wallets and hot wallets, combined with advanced technologies such as user balance snapshots and Merkle tree structure, regular security audits, comprehensive optimization of asset storage and management processes, we ensure the security and transparency of every asset.

The recent theft incident has once again sounded the alarm for industry security. Gate.io will take this as a lesson, continuously upgrade its security protection system, introduce more advanced technological means and risk monitoring mechanisms, and ensure the platform is as solid as a rock. We promise to spare no effort in safeguarding the assets security of every user, providing users with a stable, reliable, and trustworthy trading environment. Choosing Gate.io means choosing peace of mind and security.

Gate Learn has also compiled articles on blockchain security for everyone to study, always stay alert:https://www.gate.io/learn/topics?category=security&page=1&sort=updated_at

Summary

The Bybit theft incident once again reminds the cryptocurrency industry that exchanges are facing increasingly complex security threats. With the development of the industry, exchanges must continuously innovate security technologies and strengthen the protection of user assets. In addition to basic cold wallet protection, smart contract audits, and multi-signature mechanisms, exchanges should also introduce more cutting-edge technologies, such as artificial intelligence and blockchain analysis, to enhance security capabilities. Innovation in security technologies in the cryptocurrency industry will be a key factor in determining the long-term competitiveness of exchanges.

Author: Max
Reviewer(s): Wayne
* The information is not intended to be and does not constitute financial advice or any other recommendation of any sort offered or endorsed by Gate.
* This article may not be reproduced, transmitted or copied without referencing Gate. Contravention is an infringement of Copyright Act and may be subject to legal action.

Share

Crypto Calendar

Proje Güncellemeleri
Etherex, 6 Ağustos'ta REX token'ını piyasaya sürecek.
REX
22.27%
2025-08-06
NFT AI Ürün Lansmanı
Nuls, üçüncü çeyrekte bir NFT AI ürünü piyasaya sürecek.
NULS
2.77%
2025-08-06
dValueChain v.1.0 Lansmanı
Bio Protocol, ilk çeyrekte dValueChain v.1.0'ı piyasaya sürmeye hazırlanıyor. Amacı, DeSci ekosisteminde güvenli, şeffaf ve değiştirilemez tıbbi kayıtlar sağlamak için merkeziyetsiz bir sağlık veri ağı kurmaktır.
BIO
-2.47%
2025-08-06
Yapay Zeka Tarafından Üretilen Video Altyazıları
Verasity, dördüncü çeyrekte AI tarafından üretilen video altyazı fonksiyonu ekleyecek.
VRA
-1.44%
2025-08-06
VeraPlayer Çok Dilli Destek
Verasity, dördüncü çeyrekte VeraPlayer'a çok dilli destek ekleyecek.
VRA
-1.44%
2025-08-06

Related Articles

Pi Coin Transaction Guide: How to Transfer to Gate.io
Beginner

Pi Coin Transaction Guide: How to Transfer to Gate.io

Pi Network is a decentralized cryptocurrency network for the general public, using the Stellar Consensus Protocol (SCP) consensus mechanism, which allows users to easily mine Pi tokens from their mobile devices and use them for payments and transactions. With the official opening of the mainnet on February 20, 2025, investors can deposit and trade $PI on exchanges such as Gate.io. This article details how to securely transfer Pi Coins to Gate.io, including obtaining a deposit address, completing the transfer using the Pi Network mainnet wallet, and the exchange's arrival confirmation process. In addition, we have analysed $PI investment risks, including market volatility, compliance and potential fraud risks, to remind investors to take risk management before trading.
2/25/2025, 8:21:43 AM
What is N2: An AI-Driven Layer 2 Solution
Beginner

What is N2: An AI-Driven Layer 2 Solution

This article introduces N2 (Niggachain AI Layer 2), the world's first AI-driven Layer 2 blockchain solution. N2 combines AI technology and quantum computing resistance to address the limitations of traditional blockchains in scalability, transaction speed, and cost. Its core technologies include '0-second block time', AI-driven network optimization, and quantum-resistant security protection, aiming to improve transaction efficiency and ensure system stability.
12/23/2024, 7:21:00 AM
Grok AI, GrokCoin & Grok: the Hype and Reality
Beginner

Grok AI, GrokCoin & Grok: the Hype and Reality

Discover Grok AI, GrokCoin, and Grok Crypto—from Elon Musk's AI chatbot to the viral meme coin inspired by it. Learn about GrokCoin’s rise, its connection to Grok AI, and the risks of investing in meme coins.
3/7/2025, 10:33:07 AM
How to Sell Pi Coin: A Beginner's Guide
Beginner

How to Sell Pi Coin: A Beginner's Guide

This article provides detailed information about Pi Coin, how to complete KYC verification, and choose the right exchange to sell Pi Coin. We also provide specific steps for selling Pi Coin and remind of important matters to pay attention to when selling, helping novice users complete Pi Coin transactions smoothly.
2/26/2025, 9:20:50 AM
Crypto Trends in 2025
Beginner

Crypto Trends in 2025

As 2025 arrives, the cryptocurrency market stands at a new crossroads of development. This article delves into five key trends shaping the current crypto landscape, covering significant regulatory changes, the transformational impact of Bitcoin spot ETFs, the deep integration of AI and blockchain, Ethereum’s technical upgrades, and the rise of emerging markets. Through analysis of these trends, the goal is to provide investors, professionals, and enthusiasts with clear insights into the future direction of the crypto market, helping them better seize opportunities and face challenges. Real-world examples are included to help readers understand the dynamics of how the market is developing under each trend.
4/10/2025, 9:55:53 AM
What is Official Elon Coin (ELON)?
Beginner

What is Official Elon Coin (ELON)?

Official ELON Coin is an innovative project launched on the Solana blockchain, connecting the future of cryptocurrency and fan concepts through the $ELON token. After its launch, the project quickly gained strong community support and market confidence, with a maximum market value of $26 million. Through its unique token distribution mechanism and long-term development plan, the project ensures market stability and sustainability.
1/20/2025, 5:08:32 AM
Start Now
Sign up and get a
$100
Voucher!