The incident saw $1.4 billion in ETH and stETH funds exit the exchange as the assets were quickly moved to new addresses where parts of the holdings are already allegedly sold. Notably, approximately $200 million stETH was sold, raising concerns among market participants. Zachxbt reported that mETH and stETH are currently being swapped on decentralized exchanges (DEX) for ETH, suggesting coordinated activity in response to the breach.

Zachxbt, whose “sources confirm it as a security incident,” urged exchanges and related services to blacklist several addresses across all EVM chains, including the primary address 0x47666Fab8bd0Ac7003bce3f5C3585383F09486E2. The swift movement of funds and immediate sale of portions has prompted ongoing monitoring and further updates as new information becomes available. Bybit’s CEO also confirmed the breach.

“Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago,” Ben Zhou noted on Friday. “It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe. However, the signing message was to change the smart contract logic of our ETH cold wallet.” Bybit’s CEO Zhou added:

This [resulted in the hacker taking control] of the specific ETH cold wallet we signed and transferred all ETH in the cold wallet to this unidentified address. Please rest assured that all other cold wallets are secure. All withdrawals are NORMAL. I will keep you guys posted as more develops, If any team can help us to track the stolen fund will be appreciated.

In another post, Zachxbt said “The attacker just split 10K ETH to 39 addresses. If you are an exchange or service who follows my channel blacklist these addresses on all EVM chains”

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。