Ethereum multisig wallet Safe has announced it is temporarily halting certain functionalities as the post-mortem of the $1.4 billion Bybit hack on Feb. 21 begins.
Safe said in an update that the wallet’s security team had not found any evidence of the hack being a result of a frontend exploit. However, the halt is out of an abundance of caution.
“We have not found evidence that the official Safe frontend was compromised. However, out of caution, Safe{Wallet} is temporarily pausing certain functionalities,” the platform posted on X.
The Ethereum (ETH) multisig wallet provider was also collaborating with the Bybit team on the unfolding investigation.
What happened?
On Friday February 21, 2025, the crypto exchange Bybit suffered a major hack. The exchange’s multisig cold wallet for ETH was drained of over $1.4 billion worth of the token.
A hacker used a “masked” URL to deceive signers, with this shown as the correct one from Safe. Changing the contract logic allowed the hacker to take control of Bybit’s ETH cold wallet, draining it.
The trick worked and the hacker moved all ETH in the wallet to a new address. They have since initiated transfers to other wallet addresses.
Biggest hack in crypto?
The result is what could be one of crypto world’s most devastating heists. In the past, the industry has heaved from hacks impacting Mt. Gox, Coincheck and FTX. WazirX’s $230 million hack in July 2024 also hit crypto holders in India hard.
Bybit CEO Ben Zhou noted in a post on X that the exchange remained solvent and that it can cover the losses.
He also said withdrawals remained on, likely a move meant to assure the community. While industry players including Binance founder and former CEO Changpeng Zhao have pledged support if needed, part of the advice to the exchange is that pausing withdrawals may be an option.
“Not an easy situation to deal with. Might suggest to halt all withdrawals for a bit as a standard security precaution. Will provide any assistance if needed. Good luck!” CZ noted.
