In-Depth Technical Analysis of the Bybit Hack
Contents
Cookie Control toggle icon
Skip to navigationSkip to main contentSkip to footer
NCC Group
Services
Open sub menu for Services
Sectors
Open sub menu for Sectors
Resources
Open sub menu for Resources
About Us
Open sub menu for About Us
Search
US
Open sub menu for regions
Client login
Enter a search term
Cyber Security Research Blog
In-Depth Technical Analysis of the Bybit Hack
10 March 2025
By Mario Rivas
Mario Rivas, Ruben Santos & Jorge Sanz
Introduction
On 21st February 2025, Bybit suffered the largest cryptocurrency theft ever recorded, with more than $1.4 billion assets, including 401,347 ETH, drained from its cold wallet. The attack compromised the transaction approval process by altering what Bybit’s signers saw when approving a cold wallet transaction, causing them to unknowingly authorize an transaction that resulted in a loss of funds.
To perform this attack, the attackers targeted Safe{Wallet}, a widely used multi-signature wallet solution that required multiple approvals (in Bybit’s case, at least three signers) before executing a transaction. These wallets are designed to improve security …
Skip to navigationSkip to main contentSkip to footer
NCC Group
Services
Open sub menu for Services
Sectors
Open sub menu for Sectors
Resources
Open sub menu for Resources
About Us
Open sub menu for About Us
Search
US
Open sub menu for regions
Client login
Enter a search term
Cyber Security Research Blog
In-Depth Technical Analysis of the Bybit Hack
10 March 2025
By Mario Rivas
Mario Rivas, Ruben Santos & Jorge Sanz
Introduction
On 21st February 2025, Bybit suffered the largest cryptocurrency theft ever recorded, with more than $1.4 billion assets, including 401,347 ETH, drained from its cold wallet. The attack compromised the transaction approval process by altering what Bybit’s signers saw when approving a cold wallet transaction, causing them to unknowingly authorize an transaction that resulted in a loss of funds.
To perform this attack, the attackers targeted Safe{Wallet}, a widely used multi-signature wallet solution that required multiple approvals (in Bybit’s case, at least three signers) before executing a transaction. These wallets are designed to improve security …