What Happened?

On February 21, 2025, blockchain tracker Whale Alert flagged a jaw-dropping transfer of 401,346 ETH(worth 1.13billion) from Bybit’s hot wallet to ananonymou saddress. Minutes later, the stolen ETH began cascading into a web of secondary wallets, where the hacker started dumping liquid−staked derivatives like stETH and MegaETH(mETH) for raw ETH via decentralized exchanges(DEXes).The total haul now $1.4 billion, marking one of the largest crypto breaches ever

.

The hacker’s strategy was unorthodox: instead of discreetly offloading funds through over-the-counter (OTC) desks—the norm for large exchanges—they opted for chaotic DEX swaps. Addresses like 0x4…7e5 executed rapid trades on Uniswap and Curve, converting stETH to ETH at a 3% discount. This fire-sale approach shocked analysts. “No exchange would liquidate this way unless they were desperate or compromised,” tweeted ZachXBT, who first exposed the exploit. Security analyst ZackXBT sounded the alarm first, flagging the suspicious transfers and urging users to blacklist associated addresses. Chainalysis later confirmed the stolen ETH is being laundered through Tornado Cash and DEX aggregators.

Bybit’s CEO, Ben Zhou, later confirmed the breach stemmed from a sophisticated smart contract exploit. Hackers injected malicious code into a transaction masked as a routine warm-wallet transfer, altering the wallet’s logic to siphon funds.

Why This Breach Is Different

1. DEX Dumping Chaos: The hacker’s decision to offload stETH via DEXes—instead of OTC—suggests urgency or inexperience. “This isn’t a pro. It’s someone panicking,” argued an analyst.

2. Liquidity Dominoes: Liquid-staked ETH ($stETH) underpins DeFi’s lending markets. A mass sell-off risks collateral liquidations akin to 2022’s Celsius collapse.

3. Stablecoin Exposure: 300M of the stolen funds are tied to Ethena’sUSDe, a yield-bearing stablecoin. If USDe’s reserves are compromised, a depeg could ignite systemic panic

   

   .

CEO’s Solvency Pledge: “We Will Make Users Whole”

Zhou’s immediate vow to cover losses 1:1 has drawn mixed reactions. Zhou stressed:

“All user funds will be covered 1:1. Bybit remains solvent. This is non-negotiable. We’re working with global law enforcement to freeze these assets.”
Full Statement

• Supporters: Praise Bybit’s transparency vs. rivals like Mt. Gox. “They’re owning this. Respect,”tweeted a CryptoQuant analyst.

• Skeptics: Question how Bybit will fund $1.46B without draining reserves. “Prove the money exists,”demanded a Reddit user.

Notably, Bybit’s proof-of-reserves last audited in December 2024 showed $12B in holdings—enough to cover the hack, but barely.

Market Fallout

• ETH Price: Dipped 8% post-news but rebounded to $2,800 as arbitrage bots bought discounted stETH.

• User Exodus: Despite open withdrawals, $890M in assets fled Bybit within hours.

• Regulatory Fury: The SEC cited the breach in a statement: “This is why we delayed spot ETH ETFs. Exchanges cannot self-police.”

What’s Next?

• Fund Tracking: White-hats and firms like TRM Labs are tracing the ETH through Tornado Cash and cross-chain bridges.

• Rewards: Bybit is offering a $10M bounty for intel leading to the hacker’s arrest.

• Legal Storm: Class-action suits are already being drafted, citing negligence in smart contract audits.

The Bottom Line

Bybit’s survival hinges on two words: prove it. If the exchange refunds users swiftly, it could set a new standard for breach accountability. If not, this could be crypto’s Lehman Brothers moment—a collapse of trust with generational repercussions.

Stay updated, subscribe and share with your friends. Refresh often. And for god’s sake, secure your wallet.🔒