Blockchain investigator ZachXBT has flagged $1.46 billion in suspicious outflows from cryptocurrency exchange Bybit, with significant movements of Mantle’s mETH and Lido’s stETH tokens being swapped for Ethereum (ETH) across decentralized exchanges (DEXs). This activity, detected today February 21, 2025, suggests a potential security breach, indicating vulnerabilities in Bybit’s ecosystem.
Trajectory of the Suspicious Activity
ZachXBT alert indicates that the outflowed mETH and stETH are being rapidly converted into ETH via DEX aggregators, a method commonly used to obscure fund trails. On-chain data reveals similarities to the 2024 Rain Exchange exploit, where $14.8 million in assets were funneled through instant exchanges and mixed across wallets.
Bybit Addresses Security Incident Involving ETH Cold Wallet
The exchange has confirmed a security incident where the hacked gained control of specific ETH cold wallet. The founder of the exchange stated that the ETH from the compromised cold wallet was transferred to an unidentified address. However, all other cold wallets remain secure, and withdrawals are operating normally.
Bybit CEO Weighs In
The CEO confirmed that a hacker gained control of one of the exchange’s ETH cold wallet by manipulating a transaction between its multisig cold wallet and hot wallet, resulting in the transfer of all ETH to an unidentified address. Zhou assured users that all other cold wallets remain secure and withdrawals are operating normally.
The exchange’s team has launched an investigation into the breach to determine its scope and prevent future incidents. Despite the hack, Zhou reiterated the exchange’s financial stability, citing over $11 billion in assets, and urged users to remain calm as he would keep everyone posted.
Industry Reactions and Mitigation Efforts
Following the alert, exchanges like WhiteBIT proactively froze suspicious deposits, reiterating commitments to anti-money laundering (AML) standards, Meanwhile, stakeholders urge transparency, recalling Bybit’s June 2024 layoffs- a move speculated to strain internal security oversight.
Also Read: Coinbase and SEC Reach Agreement to Dismiss Lawsuit, Ripple Lawsuit Next?
