Today's News Highlights:
Coinbase Co-founder: Agreement reached with the U.S. SEC, related lawsuit expected to be formally dismissed next week.
OpenSea CEO: The U.S. SEC is concluding its investigation into OpenSea.
ZachXBT: Over $1.46 billion in suspicious outflows detected from Bybit.
Stolen funds from Bybit involve over 400,000 ETH, over 90,000 stETH, 15,000 cmETH, and 8,000 mETH.
Bybit CEO: Nearly 80% of the stolen ETH has been obtained as bridge loans from partners to alleviate liquidity crunch.
Bybit CEO: All withdrawals have been processed, and a complete incident report along with security measures will be released in the coming days.
Arkham: The attack on Bybit was carried out by the North Korean hacker group LAZARUS GROUP.
He Yi: Binance employees are restricted from buying and selling all coins for 30 days, otherwise it will be considered a violation.
Kanye: The current market is filled with fake coins, and he will launch his own coin next week.
Regulation/Macro
Coinbase co-founder and CEO Brian Armstrong posted on X platform that after years of litigation, costing millions of taxpayer dollars and causing irreparable harm to the country, Coinbase has reached an agreement with the U.S. Securities and Exchange Commission staff to dismiss their lawsuit against Coinbase. Once approved by the U.S. SEC (expected to be approved next week), this will be a complete dismissal with zero fines, and there will be no changes to the business.
The U.S. SEC made a legal error.
Yielding to the U.S. SEC's demands could lead to the decline of the crypto industry in the U.S.
The dismissal of the lawsuit is the right choice for Coinbase's customers and the industry.
Brian Armstrong expressed hope for reforms under the leadership of Paul Atkins, Mark Uyeda, Hester Peirce, and DOGE, and looks forward to new, wiser personnel entering leadership positions.
Coinbase Chief Legal Officer Paul Grewal posted on X platform stating, "The term 'case dismissal' is what every defendant longs to hear. The U.S. SEC will dismiss the Coinbase case, and there will be no settlement or compromise—errors will only be corrected. However, Coinbase has much work to do and cannot be distracted; legislation is crucial to ensure such illegal activities do not happen again. Coinbase will not stop fighting until clear rules are established that allow the industry to truly thrive in the U.S. Collaboration will be key, and we look forward to working with the U.S. Congress and SEC staff to drive progress in the next phase."
If Trump audits U.S. gold reserves, it may drive funds into Bitcoin
According to The Block, analysts suggest that Trump's plan to audit the Fort Knox gold reserves may lead to stricter scrutiny of gold holdings, potentially driving investors towards Bitcoin. If gold ETFs cannot verify full backing, they may trade at a discount, leading to a global liquidity crunch and prompting a reallocation of funds into digital assets. In this scenario, outflows from gold may convert into inflows into Bitcoin.
OpenSea CEO: The U.S. SEC is concluding its investigation into OpenSea
OpenSea CEO tweeted that the U.S. SEC is concluding its investigation into OpenSea. This is a victory for every creator and builder in the field. Attempting to classify NFTs as securities would be a regression—misinterpreting the law and hindering innovation.
Project Updates
BinaryX: $BNX will be renamed to $Four, holders can exchange for new tokens at a 1:1 ratio
According to the official announcement, BinaryX has officially renamed itself to Four. To ensure a smooth transition, $BNX will be renamed to $Four, and all $BNX holders will be able to exchange their $BNX tokens for new $Four tokens at a 1:1 ratio, with further announcements to follow. The $Four token will maintain the original maximum supply of $BNX without changes, while keeping the original $BNX distribution model.
FTX creditors representative Sunil posted on X platform stating that many FTX claim users currently come from jurisdictions that cannot participate in the distribution, including Russia, China, Egypt, Nigeria, and Ukraine. FTX is reviewing relevant solutions. Additionally, disclosed data shows that Chinese users account for the largest number among the aforementioned jurisdictions, making up about 8%.
Andre Cronje unveils Sonic vision, including fee subsidies, dynamic fees, etc.
Sonic Labs co-founder Andre Cronje posted on X platform stating that Sonic's vision for this year is quite simple:
- Fee monetization (90% of fees will go into applications, not validators and MEV)
- Fee subsidies (eliminating the fee barrier for users to enter)
- Dynamic fees (applications can set fees for users)
- Native economy and account abstraction (no need for wallets or fees)
The above content mainly involves two points:
- Making it as easy as possible for users to try out applications launched on Sonic (removing all barriers to entry and use)
- Helping our application developers earn significant revenue
VanEck: Has modeled U.S. strategic Bitcoin reserves to offset national debt and released tools
Matthew Sigel, head of digital asset research at VanEck Research, posted on X platform stating that U.S. strategic Bitcoin reserves could help offset national debt. The agency has modeled this and released a tool on its website.
In response, Cynthia Lummis, chair of the U.S. Senate Banking Committee's digital asset subgroup, stated that the related tool is cool and worth promoting, as Bitcoin addresses the issue of reducing national debt.
ZachXBT: Over $1.46 billion in suspicious outflows detected from Bybit
On-chain detective ZachXBT posted that over $1.46 billion in suspicious outflows have been detected from Bybit, with more information to follow. ZachXBT added that sources confirm this is a security incident.
Bybit co-founder Ben Zhou posted on X platform: "About an hour ago, Bybit's ETH multi-signature cold wallet transferred to a hot wallet. It seems this specific transaction was forged, and all signers saw a forged UI showing the correct address. However, the signature information was meant to change the smart contract logic of our ETH cold wallet, which led to hackers controlling the specific ETH cold wallet and transferring all ETH from the cold wallet to this unidentified address. Please rest assured that all other cold wallets are safe, and all withdrawals are normal. We will keep the community updated on further developments, and any team that can help track the stolen funds would be greatly appreciated."
Bybit posted on X platform stating that unauthorized activity was detected in an ETH cold wallet. At the time of the incident, the ETH multi-signature cold wallet was transferring to a hot wallet. Unfortunately, this transaction was manipulated by a complex attack that obscured the signature interface while altering the underlying smart contract logic. As a result, the attacker was able to control the affected ETH cold wallet and transfer its assets to an unknown address.
Bybit's security team is actively investigating this incident with blockchain forensic experts and partners. Any team with expertise in blockchain analysis and fund recovery that can assist in tracking these assets is welcome to collaborate. Bybit stated that all other Bybit cold wallets are absolutely safe, all customer funds are secure, operations are proceeding as usual without interruption, and updates will be provided as soon as possible.
Stolen funds from Bybit involve over 400,000 ETH, over 90,000 stETH, 15,000 cmETH, and 8,000 mETH
According to Onchain Lens, ZachXBT monitored a security incident at Bybit, with $1.44 billion in funds withdrawn, including:
- 401,347 $ETH, worth $1.12 billion;
- 90,376 $stETH, worth $253.16 million;
- 15,000 $cmETH, worth $44.13 million;
- 8,000 $mETH, worth $23 million.
Bybit CEO: All customer assets are 1:1 backed even if hacker losses cannot be recovered
Bybit CEO Ben Zhou stated that Bybit is solvent, and even if hacker losses cannot be recovered, all customer assets are 1:1 backed and can compensate for the losses.
Arkham: The attack on Bybit was carried out by the North Korean hacker group LAZARUS GROUP
Arkham announced that on-chain detective ZachXBT submitted conclusive evidence to its platform proving that the attack on Bybit was carried out by the North Korean hacker group LAZARUS GROUP. The submitted report includes detailed analyses of test transactions and wallet connections used before the exploit, as well as multiple forensic charts and timeline analyses. The submitted content has been shared with the Bybit team to support their investigation.
CZ: Suggests Bybit temporarily halt all withdrawals, will provide any assistance if needed
Binance co-founder CZ responded to Bybit CEO Ben Zhou on the X platform, stating, "This is not an easy situation to handle. A possible suggestion is to temporarily halt all withdrawals as a standard security precaution. We will provide any assistance if needed."
SlowMist's Yu Xian disclosed some details about the Bybit Safe multi-signature hack on the X platform: The malicious implementation contract was deployed at UTC 2025-02-19 7:15:23 at address 0xbDd077f651EBe7f7b3cE16fe5F2b025BE2969516.
The attackers used three owners to sign a transaction at UTC 2025-02-21 14:13:35 to replace the Safe implementation contract with a malicious contract at transaction 0x46deef0f52e3a983b67abf4714448a41dd7ffd6d32d32da69d62081c68ad7882.
The malicious upgrade logic was embedded via DELEGATECALL into STORAGE[0x0] 0x96221423681A6d52E184D440a8eFCEbB105C7242.
Subsequently, the attackers used backdoor functions sweepETH and sweepERC20 in the malicious contract to extract assets from the hot wallet.
Bybit's latest financial audit proves it has sufficient reserves to cover user assets
The Web3 auditing firm Hacken, which collaborates with Bybit, released a reserve proof update stating that today's massive hack has dealt a heavy blow to the industry. However, Bybit's reserves still exceed its liabilities. As its independent PoR auditor, we have confirmed that user funds are still fully supported. This means Bybit has sufficient reserves to cover all user assets, maintaining solvency, with security and transparency remaining top priorities.
Subsequently, Bybit CEO Ben replied that Hacken audited our finances, which can prove we can use our finances to compensate for customer losses.
Data: Bybit's total outflow today, including hacker funds, is $2.235 billion
According to DefiLlama data, including funds hacked, Bybit's total outflow today is $2.235 billion. Nevertheless, they still have over $14 billion in on-chain verified assets, including $5.944 billion in BTC. Previously, it was reported that Bybit's latest financial audit proves it has sufficient reserves to cover user assets.
According to The Block, Bybit co-founder and CEO Ben Zhou stated that after the $1.4 billion hack, all customer withdrawals will be processed. The company will not purchase Ethereum but will rely on bridge loans from partners (a type of short-term loan used to help entities during transition periods). "In fact, we have obtained nearly 80% of the stolen Ether as bridge loans, providing us with liquidity to help us address the liquidity crunch so we can get through this critical period."
Previously, Bybit confirmed that after hackers breached the company's multi-signature cold wallet, the company lost $1.4 billion, with an expert calling it "the largest cryptocurrency theft in history."
Earlier reports indicated that 39,998 ETH was transferred from BitGet to Bybit. Coinbase director Conor Grogan tweeted that Binance and Bitget directly deposited over 50,000 ETH into Bybit's cold wallet, with Bitget's deposit accounting for one-fourth of all ETH at the exchange.
Bybit CEO Ben Zhou stated that since the hack (10 hours ago), Bybit has experienced the highest number of withdrawals ever, receiving over 350,000 withdrawal requests, with about 2,100 withdrawal requests still pending. Overall, 99.994% of withdrawals have been completed.
Despite suffering the most severe hack in history (banking, cryptocurrency, finance), all Bybit functions and products are still operating normally, with the entire team working overnight to handle and address customer questions and concerns. Everyone is on standby.
1 hour ago, the hacker's 15,000 cmETH unstaking request was returned
According to on-chain analyst Yu Jin, 1 hour ago, the hacker's 15,000 cmETH unstaking request was returned by the cmETH withdrawal contract. The hacker then authorized a transaction for cmETH on DODO, but no further transactions occurred, possibly due to the very shallow liquidity pool for cmETH. This 15,000 cmETH should be interceptable. Besides this 15,000 cmETH, the total amount of stolen ETH from Bybit is 499,000 (worth $1.37 billion), dispersed by the hacker across 51 addresses.
CZ: Binance did not provide liquidity to Bybit, it may be some whale behavior
In response to community voices regarding Binance providing liquidity to Bybit, CZ stated that it cannot take credit, and it may be some whales lending money to Bybit.
MEXC hot wallet transferred 12,652 stETH to Bybit cold wallet in the past hour
On-chain analyst Yu Jin monitored that the MEXC hot wallet directly transferred 12,652 stETH ($33.75M) to Bybit's cold wallet in the past hour. Bybit should have received support in the form of loans totaling 64,452 ETH ($170.73M) from Bitget and an institution withdrawing from Binance.
The multi-signature wallet protocol Safe tweeted that according to Bybit, the transaction information displayed on the Safe{Wallet} UI is correct, but a malicious transaction with all valid signatures was executed on-chain. The investigation conducted by Safe so far shows:
- No vulnerabilities found in the codebase: A thorough check of the Safe codebase found no evidence of vulnerabilities or modifications.
- No malicious dependencies found: There are no signs of malicious dependencies in the Safe codebase that would affect transaction flow (i.e., supply chain attacks).
- No unauthorized access detected in the logs for the infrastructure.
- Other Safe addresses remain unaffected.
As previously mentioned, Safe has temporarily paused Safe{Wallet} functions to ensure the platform's absolute security. Although the investigation found no evidence that the Safe{Wallet} frontend itself was attacked, a thorough review is ongoing.
Bybit CEO Ben Zhou stated that it has been 12 hours since the most severe hack in history. All withdrawals have been processed. The withdrawal system has now fully returned to normal speed, and users can withdraw any amount without encountering any delays.
Bybit will release a complete incident report and security measures in the coming days. Ben Zhou will also personally update everyone on any new developments. Thank you to all our customers, friends, and partners for your help and support during these difficult 12 hours.
Cross-chain bridge Chainflip responded to Bybit CEO's request on the X platform. They stated: We have done our best to handle the situation, but as a decentralized protocol, we cannot completely stop, freeze, or redirect any funds. However, we have shut down some front-end services to prevent the flow of funds.
Previously reported, Bybit CEO Ben Zhou tweeted that some funds had been transferred to Chainflip, calling for a halt to conversions to other chains, and a bounty program will be announced later.
Opinions
Fox Business reporter Eleanor Terrett posted on the X platform that legal professionals she spoke with believe that the U.S. Securities and Exchange Commission is attempting to reach a settlement with crypto companies rather than directly dismissing related lawsuits, in order to "prove" that spending millions of taxpayer dollars is justified and to save some face. Additionally, SEC commissioners Hester Peirce and Mark Uyeda did inform Coinbase that they were sorry for the inconvenience, which is a real blow to the enforcement regime under Gensler and the Biden administration.
Binance co-founder He Yi stated on the X platform that all Binance employees are restricted from buying and selling all coins for 30 days, and they must wait 30 days after buying before selling, otherwise it will be considered a violation. This indirectly led employees to hold BNB together, and many employees later became passive wealthy and lost their hunger; currently, new blood is needed, and there is also a reflection on the policy being overly corrective.
Bitget CEO Gracy tweeted that Bybit is a respected competitor and partner. Although the losses this time are significant, it is only their annual profit, and I believe customer funds are 100% safe, so there is no need to panic or withdraw. She later added that the assets lent to Bybit are Bitget's own, and user assets will not be affected.
Kanye: All coins on the current market are fake, and I will launch my own coin next week
American producer and rapper Ye (Kanye West) tweeted that all Ye-related memes on the current market are fake, and he will launch his own coin next week.
Important Data
According to Cointelegraph, memecoin fraud is undermining community trust, especially the Libra token incident, leading to a significant decline in Solana user activity. In February, the number of active addresses on the network dropped to an average of 9.5 million per week, down nearly 40% from 15.6 million active addresses in November 2024. As confidence in Solana wanes, cryptocurrencies worth millions of dollars are being transferred from Solana to other blockchains, indicating that potential capital outflows may have a net positive impact on the long-term growth of the blockchain.
Grayscale transfers 3,760 ETH to Coinbase Prime hot wallet address, worth $10.67 million
According to monitoring data from Arkham, about 15 minutes ago, Grayscale transferred 3,760 ETH to a Coinbase Prime hot wallet address, worth $10.67 million. Monitoring shows that these ETH were transferred from Grayscale's Ethereum exchange-traded fund to Grayscale's Coinbase Prime Deposit address, and then to the hot wallet.
Bybit hacker surpasses Fidelity and Vitalik, becoming the 14th largest ETH holder in the world
Coinbase director Conor Grogan disclosed data on the X platform, stating that the Bybit hacker (likely from North Korea) has become the 14th largest ETH holder in the world, currently holding about 0.42% of the total supply of Ethereum tokens, surpassing the ETH holdings of Fidelity and Ethereum co-founder Vitalik Buterin, and holding more than twice the ETH held by the Ethereum Foundation.
According to statistics from SoSoValue and the latest monitoring data from the on-chain security team TenArmor, Bybit trading platform has seen inflows exceeding $4 billion in the past 12 hours, including 63,168.08 ETH, $3.15 billion in USDT, $173 million in USDC, and $525 million in CUSD.
Based on the comparison of inflow data, this inflow has completely covered the losses caused by the hacker attack yesterday. Meanwhile, all services of the Bybit exchange, including withdrawal functions, have returned to normal.
On-chain analyst Yu Jin monitored that the Bybit hacker has begun using the Chainflip cross-chain exchange tool to convert ETH into other assets on other chains. The hacker transferred 5,000 ETH to multiple addresses 40 minutes ago and has laundered 205 ETH through Chainflip.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
