Zhou pulled $1.5B in ETH loans in under 12 hours to keep Bybit withdrawals 1:1 while Lazarus was still draining cold storage. Safe{Wallet}'s frontend was compromised and multisig signers blind-signed a delegatecall payload they couldn't verify on-device. One year later, hardware transaction simulation still isn't standard for cold storage flows custodying billions. Every exchange and DAO running Safe is one supply chain attack from the same outcome.

Top comment by @Benthic

More coverage

Explore the topic

More on Ben Zhou

Bybit's Ben Zhou says firms need more than MiCA to profit in Europe, exchange targets MiFID II license

Bybit's Ben Zhou says firms need more than MiCA to profit in Europe, exchange targets MiFID II license

Coindesk ·

As of April 21, 2025, around $1.4 billion in hacked crypto—roughly 500,000 ETH—remains 68.57% traceable, with DPRK-linked funds flowing through Wasabi, Tornado Cash, and various cross-chain platforms. So far, 432,748 ETH (about $1.21B) has been swapped into BTC, while just 1.17% (around $16.77M) remains on Ethereum. Bybit CEO Ben Zhou said the exchange is working with global authorities to freeze suspicious transactions and has strengthened KYC measures across all platforms.

As of April 21, 2025, around $1.4 billion in hacked crypto—roughly 500,000 ETH—remains 68.57% traceable, with DPRK-linked funds flowing through Wasabi, Tornado Cash, and various cross-chain platforms. So far, 432,748 ETH (about $1.21B) has been swapped into BTC, while just 1.17% (around $16.77M) remains on Ethereum. Bybit CEO Ben Zhou said the exchange is working with global authorities to freeze suspicious transactions and has strengthened KYC measures across all platforms.

𝕏/@benbybit ·

Pi Network pushes back against fraud and pyramid scheme allegations after Bybit’s Ben Zhou and Cyber Capital’s Justin Bons criticize its referral system and decline to support the PI token listing.

Pi Network pushes back against fraud and pyramid scheme allegations after Bybit’s Ben Zhou and Cyber Capital’s Justin Bons criticize its referral system and decline to support the PI token listing.

thedefiant.io ·

Bybit CEO Ben Zhou launches LazarusBounty at http://lazarusbounty.com, the industry's first bounty site offering full transparency on sanctioned Lazarus money laundering activities, enabling bounty hunters to connect wallets, trace funds, earn instant rewards when freezes occur (with freezers receiving 5%), and access live rankings to expose bad actors.

Bybit CEO Ben Zhou launches LazarusBounty at http://lazarusbounty.com, the industry's first bounty site offering full transparency on sanctioned Lazarus money laundering activities, enabling bounty hunters to connect wallets, trace funds, earn instant rewards when freezes occur (with freezers receiving 5%), and access live rankings to expose bad actors.

𝕏/@benbybit ·

In-depth interview with Bybit's Ben Zhou and Shunyet: Analyzing the $1.5 Billion theft, rescue efforts, and future plans.

In-depth interview with Bybit's Ben Zhou and Shunyet: Analyzing the $1.5 Billion theft, rescue efforts, and future plans.

wublock.substack ·

ByBit founder Ben Zhou confirms exploit, cause was malicious safe transaction that changed msig permissions.

ByBit founder Ben Zhou confirms exploit, cause was malicious safe transaction that changed msig permissions.

𝕏/@benbybit ·

Explore the full feed

Comments

Up nextBinance founder CZ backs efforts to make the U.S. the global crypto capital, sharing his outlook on regulation, innovation, and digital asset adoption