After the Bybit incident, how do investors protect their ETH security
On February 21, 2025, on-chain detective ZachXBT first disclosed a blockbuster news on social media: Bybit platform suffered a major security incident, with approximately 401,346 ETH (worth about 11.3 billion US dollars) along with some staked liquidity tokens (such as stETH) stolen from its cold wallet, totaling losses of up to 14.6 billion US dollars. This is not only the highest single theft amount in the history of cryptocurrency, but also makes ‘ETH security’ once again the focus of the industry.
Although this incident is essentially the result of an exchange security vulnerability, rather than a problem with the Ethereum network itself, it still reminds us that the security of ETH assets in the hands of users largely depends on the storage and usage environment. This article will take the Bybit incident as a starting point to explore security risks related to ETH and provide users with practical protection strategies.
Bybit incident: Lessons from the exchange’s breach
Hackers exploited vulnerabilities in multi-signature wallets, disguised the transaction interface, deceived signers into unknowingly approving malicious smart contracts, and ultimately transferred huge amounts of ETH and other assets from the cold wallet to the hacker’s address. This attack did not directly target the Ethereum blockchain, but precisely targeted Bybit’s internal security processes.
After the incident, Bybit CEO Ben Zhou stated that the exchange still has the ability to pay, and client assets are protected on a 1:1 basis, with withdrawal functionality unaffected. However, the $1.46 billion loss has been sufficient to prompt the entire industry to reexamine the weaknesses of centralized platforms in safeguarding ETH security.
It is worth noting that the Ethereum network itself did not expose any vulnerabilities in this incident. As a decentralized blockchain, Ethereum’s core protocol has undergone multiple upgrades over the past decade, and its security has been significantly improved. However, when users store ETH on centralized exchanges, the security of assets is controlled by third parties, and the risk is transferred accordingly. This is the core lesson of the Bybit incident: the key to ETH security often lies not in the blockchain itself, but in the management method chosen by users.
Where is the real threat to the security of ETH?
While the Ethereum network itself is not implicated in the Bybit incident, it does not mean that users holding ETH can rest easy. Here are several major risk areas closely related to ETH security:
1. Single point of failure for centralized exchanges
The Bybit incident illustrates that centralized exchanges, due to storing a large amount of assets in a concentrated manner, have become the primary targets for hackers. Whether it’s a cold wallet or a hot wallet, once the platform’s security defenses are breached, users’ assets could disappear instantly. Similar incidents are not uncommon in history, such as the collapses of Mt.Gox and FTX, which have led to massive losses.
2. Social Engineering and Phishing Attacks
In the Bybit incident, hackers deceive signatories by forging trading interfaces, highlighting the power of social engineering attacks. For ordinary users, phishing websites, fake wallet apps, or malicious links may lead to private key exposure, resulting in the loss of ETH.
3. Risks of Smart Contract Interaction
While the Bybit incident did not directly involve a smart contract vulnerability on Ethereum, users interacting with ETH in DeFi or other DApps inevitably need to interact with smart contracts. If there are issues with the contract code, or if users mistakenly approve malicious permissions, ETH assets could be easily transferred.
4. The Complexity of Liquidity Staking Tokens
After Ethereum’s transition to PoS, liquid staking tokens (such as stETH) have become popular assets. The theft of some stETH in the Bybit incident reminds us that while these tokens have diverse use cases, they also increase management complexity and potential risks.
5. Challenges in Private Key Management
For users who choose to self-custody ETH, the security of the private key is crucial. Once the private key is lost or stolen, the assets cannot be recovered, which is also a dilemma faced by many novice users. How to protect your ETH?
While the Bybit incident is an attack on the exchange level, it serves as a warning bell for all ETH holders. Here are practical suggestions from individual to industry level to help you enhance the security of your ETH:
1. Prefer decentralized storage
Storing ETH in a decentralized wallet (such as MetaMask, Trust Wallet) can avoid losses caused by exchange breaches. For large assets, hardware wallets (such as Ledger, Trezor) are a safer choice. The Bybit incident shows that cold wallets are not omnipotent, self-custody is fundamental.
2. Be cautious of phishing and spoofing attacks
Never enter your private key or mnemonic phrase on a website or application of unknown origin. Use bookmarks to access commonly used platforms and avoid clicking on suspicious links in emails or social media. The disguised trading interface in the Bybit incident is a typical example of such attacks.
3. Exercise caution when interacting with smart contracts
When participating in DeFi or NFT projects, use a blockchain browser (such as Etherscan) to check if the smart contract address is trustworthy. Avoid approving unknown permissions at will and ensure the clear intent of each transaction.
4. Diversify assets to reduce risk
Do not concentrate all ETH in one wallet or platform. Adopt a layered storage strategy, such as putting ETH used for short-term purposes in a hot wallet, and transferring part of the long-term holdings to cold storage, which can effectively diversify risks.
5. Regular Inspection and Backup
Regularly check your wallet balance and transaction records to ensure there are no abnormal operations. At the same time, back up the mnemonic phrase and store it in a secure place (such as a physical safe) to prevent device loss.
Safe thinking about ETH
While the Bybit incident was shocking, it is not directly related to the reliability of the Ethereum network itself. The real challenge lies in how ETH holders protect their assets in an increasingly complex environment. Whether relying on the convenience of exchanges or choosing the freedom of self-custody, each method has its trade-offs. The key is to understand the risks and take proactive measures.
