cryptopolitan.com
Bybit, one of the most active centralized exchanges, has undergone a security incident. Over $1.46B has flowed out to four Ethereum addresses, and some of the funds are being swapped on DEX.
On-chain investigator ZachXBT noted a series of suspicious outflows from Bybit’s wallets. Cyvers also noted abnormal activity from the Bybit wallets. Previously, the exchange was also attacked by address poisoning unrelated to the current hack.
🚨ALERT🚨Our system has detected abnormal activity, including suspicious behavior involving the @Bybit_Official wallet!
Several wallets are exhibiting highly suspicious patterns, and we are actively reaching out to the exchange to warn them. The total affected assets are… pic.twitter.com/iAQqlgU4Rf— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) February 21, 2025
The exchange saw outflows of $1.46B for mETH and stETH, which is being swapped back into $ETH through DEX. The $ETH can then be mixed and remain untraceable, causing one of the first big security incidents against an exchange for 2025.
Bybit explained the attack as a diversion of funds, which manipulated the destination address. The exchange was otherwise carrying out a routine operation of moving funds between its cold wallet and a hot wallet.
ZachXBT narrowed down the incident outflows to five flagged wallets, suggesting all other exchanges and services should blacklist them.