A hacker has pulled off one of the biggest crypto heists in history, stealing over 401,346 ETH worth $1.4 billion from Bybit.
This massive theft has catapulted the hacker into the ranks of the largest Ethereum holders, surpassing Vitalik Buterin, the company’s co-founder, and the Ethereum Foundation.
The breach has sent shockwaves through the crypto industry, raising serious concerns about exchange security and whether any platform is truly safe from cybercriminals.
How the Hacker Stole More Than 400,000 Ethereum
The Bybit hack stands out not just because of its size but because of how it happened. Unlike typical attacks that rely on phishing or weak passwords, this breach targeted Bybit’s multi-signature cold wallets, which is a security method that is supposed to be highly secure.
Blockchain security experts believe the hacker manipulated transaction signatures, making withdrawals appear legitimate while secretly diverting the funds.
This suggests an inside weakness or a critical flaw in the exchange’s security protocols. Some analysts speculate that the attacker may have compromised private keys, gained access to signing devices, or exploited vulnerabilities in Bybit’s backend servers.
This is not the first time such a breach has happened. Binance founder Zhao Changpeng pointed out that Phemex and WazirX have faced similar attacks, raising concerns that certain multi-signature wallet providers may have systemic weaknesses.
There is also speculation that the infamous Lazarus Group, a North Korean-backed hacking organisation, may be behind this attack, given their history of stealing large amounts of crypto.
The hacker wasted no time in moving the stolen ETH through cross-chain bridges like Chainflip, converting some of it into Bitcoin. This strategy makes it harder for exchanges and authorities to track and freeze the assets, though forensic analysts are closely monitoring the hacker’s wallets.
What is even more shocking is that the hacker is now one of the biggest Ethereum holders in the world. The 401,346 ETH stolen from Bybit ranks 14th among all Ethereum wallets globally, placing the hacker above some of the most well-known figures in crypto.
For comparison, the Ethereum Foundation holds about 200,000 ETH, which is less than half of what the hacker has and Vitalik Buterin’s publicly known wallets hold around 244,000 ETH.
Even adding the undisclosed addresses, his total holdings are estimated to be between 270,000 and 300,000 ETH, which is still far less than the hacker’s stash.
The Response from Bybit and the Crypto Community
In the wake of the attack, Bybit CEO Ben Zhou has attempted to reassure users that the exchange is financially stable. He confirmed that all customer funds are fully backed 1:1, meaning withdrawals will not be affected despite the staggering loss.
While this has helped prevent panic, the hack has once again exposed major security risks within centralised exchanges.
OKX President Hong Fang has taken immediate action by blacklisting the hacker’s wallet addresses, ensuring that any attempt to move funds through OKX will be blocked.
Other exchanges are expected to follow suit, but the hacker can still use decentralised exchanges and cross-chain bridges to launder funds, making recovery extremely difficult.
To track down the stolen assets, Bybit has launched a bounty program, offering rewards to blockchain analysts who can help trace and recover the funds.
Meanwhile, security firms and forensic investigators are digging deeper into how the breach happened and whether other exchanges might be vulnerable to similar attacks.
The Bybit hack is now part of a worrying trend where hackers are targeting multi-signature cold wallets, which were once thought to be among the most secure storage solutions.
This has sparked renewed debate about whether crypto holders should keep assets in centralised exchanges at all, or whether self-custody solutions are the only truly safe option.
Conclusion
The Bybit hack is one of the most shocking crypto thefts in history, not just because of the sheer amount stolen but because the hacker is now one of the biggest Ethereum holders in the world.
With over 401,346 ETH, they have surpassed both Vitalik Buterin and the Ethereum Foundation, highlighting serious weaknesses in exchange security.
Bybit has promised full compensation for users, but this incident has once again shaken confidence in centralised crypto platforms.
The industry is now watching closely to see whether the stolen funds can be recovered and whether exchanges will tighten security measures to prevent similar attacks in the future.