- The Bybit CEO said the hack happened during signing in Safe with a Ledger wallet.
- Apparently, the keys to Bybit's addresses were not compromised.
Ben Zhou, CEO and cofounder of the Bybit cryptocurrency exchange industry”.
As Cryptonoticia reported, Bybit had around 400,000 Ether belonging to exchange users, equivalent to around 1,000 million dollars.
Ben began his account by pointing out that the exchange was making “a regular transfer”. The executive explained that Bybit has a standard procedure for managing its funds. Every 2 or 3 weeks, depending on the balance in the hot wallet, Bybit transfers funds from the cold wallet to replenish it. This occurs when the Bybit hot wallet reaches what Ben called a “benchmark” (a critical limit or point) at which they consider an adjustment necessary, whether for safety, diversification, or to have sufficient liquidity for daily asset management.

The transaction the CEO mentioned was an “initial operation of approximately 13,000 ETH” from the multisig (multi-signature) cold wallet provided by the SAFE platform, which Bybit used to protect those Ether funds. Multisig means that several people must approve (“sign”) a transaction before it is executed. In this case, there were multiple signatories, and Ben himself was the last to sign the transaction.
Ben explains that this last signature was made from a Ledger hardware wallet, where he saw a URL that seemed legitimate and that, according to him, he verified as the official SAFE URL on the Ledger screen. Then he signed the transaction to send those Ether from the cold wallet to a warm wallet (a term used to refer to a wallet with hybrid characteristics between cold and hot) of the exchange.
However, Ben mentions a problem during the process: the Ledger screen does not clearly show the destination address, only a block of code. He reviewed this code, but “not completely in detail.” Although he did not clarify it, Ben may have trusted that the multisig process was safe and signed the transaction.
Half an hour after the Bybit CEO's signature, the exchange team received an emergency alert: the Ethereum wallet had been emptied of its Ether funds. This implies that the attack occurred during or just after this transfer, and that the hackers managed to divert all the funds to a still unknown address.
Previously, in a first post on X, the CEO of the cryptocurrency exchange had stated that “the signature message was to change the logic of the smart contract of our ETH cold wallet.” The modification of the smart contract logic allowed the hacker to divert Bybit's multisig transaction, which contained more than 400 thousand Ether, without the signatories noticing while they signed the request in the wallet's visual interface.
Finally, Ben Zhou said during the live broadcast that the exchange has enough assets to return money to investors “although they fail to recover the stolen Ether.” In addition, he said that they will request a loan, putting up Bitcoin (BTC) and stablecoin reserves as collateral to access the necessary Ether liquidity and thus return assets to customers “very soon.”