Bybit founder Ben Zhou has confirmed that the cryptocurrency exchange suffered a $1.4 billion Ethereum (CRYPTO: ETH) hack, making it one of the largest security breaches in recent history.
The attack, which targeted Bybit’s Ethereum cold wallet, resulted in the loss of 401,347 ETH ($1.12 billion), 90,376 stETH ($253 million), 15,000 cmETH ($44 million), and 8,000 mETH ($23 million), according to Onchain Lens.
Bybit’s Security Breach Explained
According to Zhou, the attack stemmed from a manipulation of Bybit’s multisig wallet interface, tricking signers into unknowingly approving a fraudulent smart contract update.
“It appears that this specific transaction was masked. All the signers saw the masked UI, which showed the correct address, and the URL was from Safe,” Zhou stated. “However, the signing message was to change the smart contract logic of our ETH cold wallet.”
Bybit’s team mistakenly authorized a contract modification, allowing attackers to take full control of the cold wallet and transfer …
Full story available on Benzinga.com