Bybit, a prominent cryptocurrency exchange, fell victim to a significant security breach on Friday, leading to the loss of $1.4 billion in Ethereum (ETH). This incident now ranks as the largest cryptocurrency hack on record, exceeding the $611 million stolen in the 2021 Poly Network hack.
The attackers targeted Bybit’s Ethereum cold wallet, resulting in the theft of a variety of digital assets, including 401,347 ETH (valued at $1.12 billion), 90,376 stETH ($253 million), 15,000 cmETH ($44 million), and 8,000 mETH ($23 million), according to data from Onchain Lens.
In response to the massive theft, Bybit has initiated a recovery bounty program, offering a reward of up to 10% of the recovered funds to ethical cyber and network security professionals who can successfully retrieve any of the stolen assets. This potential bounty of up to $140 million represents one of the largest crypto recovery efforts ever attempted.
“Within 24 hours of the event, we were overwhelmed with support from some of the best people and organizations in the industry, and we do not take it for granted. We have shared in a dark moment of crypto history, and we’ve proven we are better than the malicious actors,” said Ben Zhou, co-founder and CEO of Bybit.
SEC Creates Cyber and Emerging Technologies Unit
In a related development, the Securities and Exchange Commission (SEC) announced the creation of the Cyber and Emerging Technologies Unit (CETU) on Thursday. This new unit is designed to combat cyber-related misconduct and safeguard retail investors within the emerging technologies sector. The CETU replaces the previous Crypto Assets and Cyber Unit and is comprised of approximately 30 fraud specialists and attorneys, and is led by Laura D’Allaird.
“Under Laura’s leadership, this new unit will complement the work of the Crypto Task Force led by Commissioner Hester Peirce. Importantly, the new unit will also allow the SEC to deploy enforcement resources judiciously,” said Acting Chairman Mark T. Uyeda. “The unit will not only protect investors but will also facilitate capital formation and market efficiency by clearing the way for innovation to grow. It will root out those seeking to misuse innovation to harm investors and diminish confidence in new technologies,” Uyeda added.
The CETU has identified the following areas as high-priority:
- Fraud involving artificial intelligence and machine learning
- Fraud on social media platforms, the dark web, or through fake websites
- Takeovers of retail brokerage accounts
- Fraud involving blockchain technology and crypto assets.
- Hacking to acquire material nonpublic information
