Bybit Announces Security Overhaul After $1.4 Billion Hack

Bybit, a prominent cryptocurrency exchange, has announced a comprehensive security overhaul in response to a significant hack that occurred in February. The breach resulted in the loss of over $1.4 billion in liquid-staked Ether (STETH), Mantle Staked ETH (mETH), and other ERC-20 tokens, marking one of the largest security breaches in the history of cryptocurrency.

In the aftermath of the incident, Bybit has implemented a three-pronged security upgrade. This initiative focuses on enhancing security audits, fortifying wallet protections, and improving information security measures. Within a month of the breach, the exchange completed nine security audits, conducted by both in-house specialists and independent external experts. These audits led to the implementation of 50 new security measures, aimed at bolstering the exchange's defenses against future attacks.

On the hardware front, Bybit has tightened its cold wallet protocols and introduced a revamped operational safety procedure. This new procedure mandates full supervision by security experts throughout the wallet process and adopts multiparty computation to enhance wallet protection. Additionally, hardware security modules have been consolidated to provide higher levels of hardware security. Bybit now holds ISO/IEC 27001 certification for information security risk management, ensuring that all internal and customer communications and data storage are encrypted.

Despite the attack, Bybit has nearly returned to pre-hack liquidity levels. The exchange's LazarusBounty initiative continues to trace the stolen funds, with over $2.3 million in bounty rewards distributed through the program to date. The swift recovery of liquidity is partly credited to Bybit’s Retail Price Improvement (RPI) orders, a feature designed to attract institutional liquidity. These specialized orders helped stabilize market conditions when liquidity was most strained, playing a crucial role in stabilizing trading conditions and enhancing pricing efficiency.

While infrastructure hardening was a focus, Bybit warned that hackers are increasingly exploiting human errors instead of protocol vulnerabilities. There is a rise in “more sophisticated attacks,” with hackers impersonating large brands and protocols. A Bybit spokesperson highlighted that while system-level intrusions remain a concern, attackers are increasingly targeting the human element as the weakest link in the security chain. This shifting attack vector signals that smart contracts and blockchain infrastructure are no longer the weakest link, as attackers increasingly exploit “human behavior rather than code.”