Today's news tips:
1. Coinbase Co-founder: Reached an agreement with the US SEC, and the relevant lawsuit is expected to be formally approved and withdrawn next week
2. OpenSea CEO: The US SEC is ending its investigation into OpenSea
3. ZachXBT: Suspicious fund outflows of more than $1.46 billion were detected on Bybit
4. The stolen funds from Bybit involved over 400,000 ETH, over 90,000 stETH, 15,000 cmETH and 8,000 mETH
5.Bybit CEO: Nearly 80% of the stolen ETH has been obtained from partners as a bridge loan to ease liquidity crunch
6.Bybit CEO: All withdrawals have been processed, and a full incident report and security measures will be released in the next few days
7.Arkham: Bybit was attacked by the North Korean hacker group LAZARUS GROUP
8. He Yi: Binance employees are restricted from buying and selling all coins for 30 days, otherwise it will be considered a violation
9. Kanye: All the current coins on the market are fake. I will launch my own coin next week.
Regulatory/Macro
Coinbase co-founder and CEO Brian Armstrong posted on the X platform that after years of litigation, millions of taxpayers' money were spent, and irreparable damage was caused to the country, Coinbase reached an agreement with the staff of the U.S. Securities and Exchange Commission to withdraw their lawsuit against Coinbase. Once approved by the U.S. Securities and Exchange Commission (it was told that it would be approved next week), it will be a complete revocation, with zero fines and no changes to the business.
1. The SEC erred on the law.
2. Surrendering to the SEC’s demands could lead to the demise of the U.S. crypto industry.
3. Dismissing the lawsuit is the right choice for Coinbase’s customers and the industry.
Brain Armstrong said that he looks forward to the SEC's reforms under the leadership of Paul Atkins, Mark Uyeda, Hester Peirce and DOGE, and looks forward to new and wiser personnel entering leadership positions.
Paul Grewal, Chief Legal Officer of Coinbase, posted on the X platform that "case dismissal" is the word that every defendant in the case is eager to hear. The SEC will dismiss the Coinbase case. There will be no settlement or compromise - mistakes will only be corrected. However, Coinbase still has a lot of work to do and cannot be distracted. Legislation is essential to ensure that this illegal behavior does not happen again. Coinbase will not stop fighting until clear rules are established to allow the industry to truly thrive in the United States. Cooperation will be key, and we look forward to working with the U.S. Congress and SEC staff to promote the next stage of progress.
Trump's review of US gold reserves could drive money into Bitcoin
According to TheBlock, analysts said that Trump's plan to audit the gold reserves at Fort Knox could lead to stricter scrutiny of gold holdings, which could drive investors to Bitcoin, because if gold ETFs cannot verify full backing, they may trade at a discount, leading to a global liquidity dry-up and prompting funds to be reallocated to digital assets. In this case, gold outflows could translate into Bitcoin inflows.
OpenSea CEO: The US SEC is closing its investigation into OpenSea
OpenSea CEO tweeted that the US SEC is ending its investigation into OpenSea. This is a win for every creator and builder in this space. Trying to classify NFTs as securities would be a step backwards - misinterpreting the law and hindering innovation.
Project News
BinaryX: $BNX will be renamed $Four, and holders can redeem the new token at a 1:1 ratio
According to the official announcement, BinaryX announced that it has officially changed its name to Four. To ensure a smooth transition, $BNX will be renamed $Four, and all $BNX holders will be able to exchange their $BNX tokens for new $Four tokens at a 1:1 ratio. Further announcements will be made later. The $Four token will maintain the original maximum $BNX supply, which will not change, and will maintain the original $BNX distribution model.
Sunil, the representative of FTX creditors, posted on the X platform that many FTX claimants are from jurisdictions that are temporarily unable to participate in the distribution, including Russia, China, Egypt, Nigeria, and Ukraine, and FTX is reviewing relevant solutions. According to disclosed data, Chinese users have the largest number of users in the above jurisdictions, accounting for about 8%.
Andre Cronje announces Sonic vision, including fee subsidies, dynamic fees, and more
Sonic Labs co-founder Andre Cronje wrote on the X platform that Sonic’s vision for this year is quite simple:
Fee monetization (90% of fees go to applications, not validators and MEV)
Fee subsidy (eliminating the fee barrier for users to enter the market)
Dynamic fees (apps can set fees for users)
Native economy and account abstraction (no wallet or fees required)
The above content mainly involves two points:
Make it as easy as possible for users to try out apps launched on Sonic (remove all barriers to entry and usage)
Help our app developers earn a lot of money
VanEck: Modeling and publishing tools to offset US strategic Bitcoin reserves against national debt
Matthew Sigel, head of digital asset research at VanEck Research, wrote on the X platform that the U.S. strategic Bitcoin reserves could help offset the national debt, and the agency has modeled this and published a tool on its website.
In this regard, Cynthia Lummis, chairperson of the U.S. Senate Banking Subcommittee on Digital Assets, said that the relevant tools are cool and worth promoting, and Bitcoin solves the problem of reducing national debt.
ZachXBT: Detected suspicious fund outflows of more than $1.46 billion from Bybit
On-chain detective ZachXBT posted that he had detected suspicious outflows of more than $1.46 billion from Bybit, and would provide more information later. ZachXBT added that sources confirmed that this was a security incident.
Ben Zhou, co-founder of Bybit, posted on the X platform: "About 1 hour ago, the Bybit ETH multi-signature cold wallet transferred funds to the hot wallet. It seems that this particular transaction was forged. All signatories saw a forged UI showing the correct address. However, the signature information was to change the smart contract logic of our ETH cold wallet, which led to the hacker taking control of the signed specific ETH cold wallet and transferring all ETH in the cold wallet to this unidentified address. Please rest assured that all other cold wallets are safe and all withdrawals are normal. The community will be informed of more progress at any time. If any team can help track the stolen funds, it will be greatly appreciated."
Bybit posted on the X platform that it had detected unauthorized activity involving an ETH cold wallet. When the incident occurred, the ETH multi-signature cold wallet was transferring funds to the hot wallet. Unfortunately, the transaction was manipulated by a complex attack that obscured the signature interface and changed the underlying smart contract logic. As a result, the attacker was able to control the affected ETH cold wallet and transfer its assets to an unknown address.
The Bybit security team, blockchain forensics experts and partners are actively investigating this incident. Any team with expertise in blockchain analysis and fund recovery who can assist in tracing these assets is welcome to cooperate. Bybit said that all other Bybit cold wallets are absolutely safe, all customer funds are safe, operations are proceeding as usual, there will be no interruptions, and updates will be provided as soon as possible.
According to Onchain Lens, ZachXBT monitored Bybit's security incident, and funds worth $1.44 billion were withdrawn, including:
- 401,347 $ETH, worth $1.12 billion;
- 90,376 $stETH, valued at $253.16 million;
- 15,000 $cmETH, worth $44.13 million;
- 8,000 $mETH, worth $23 million.
Bybit CEO: Even if the hacker losses cannot be recovered, all customer assets are backed 1:1
Bybit CEO Ben Zhou said that Bybit is solvent, and even if the hacker losses cannot be recovered, all customer assets are backed 1:1 and the losses can be compensated.
Arkham: Bybit was attacked by the North Korean hacker group LAZARUS GROUP
Arkham announced that on-chain detective ZachXBT submitted conclusive evidence to its platform, proving that the attack on Bybit was carried out by the North Korean hacker group LAZARUS GROUP. The report he submitted includes a detailed analysis of the test transactions and connected wallets used before the vulnerability was exploited, as well as multiple forensic charts and timing analysis. The submission has been shared with the Bybit team to support their investigation.
Binance co-founder CZ responded to Bybit CEO Ben Zhou on the X platform, saying: “This is not an easy situation to handle. The possible suggestion is to temporarily stop all withdrawals as a standard safety precaution. Any help will be provided if needed.”
SlowMist Cosine disclosed some details of the Bybit Safe multi-signature hack on the X platform: The malicious implementation contract was deployed at 0xbDd077f651EBe7f7b3cE16fe5F2b025BE2969516 at UTC 2025-02-19 7:15:23
The attacker used three owners to sign the transaction 0x46deef0f52e3a983b67abf4714448a41dd7ffd6d32d32da69d62081c68ad7882 to replace the Safe implementation contract with the malicious contract at UTC 2025-02-21 14:13:35
Malicious upgrade logic is embedded into STORAGE[0x0] 0x96221423681A6d52E184D440a8eFCEbB105C7242 via DELEGATECALL
The attacker then used the backdoor functions sweepETH and sweepERC20 in the malicious contract to withdraw assets from the hot wallet.
Bybit's latest financial audit proves that it has sufficient reserves to cover user assets
Hacken, the Web3 auditing agency that Bybit cooperates with, released a proof of reserve update saying that today's hacker attack was huge and dealt a heavy blow to the industry. But Bybit's reserves still exceed its liabilities. As its independent PoR auditor, we have confirmed that user funds are still fully backed. This means that Bybit has enough reserves to cover all user assets, solvency remains unchanged, and security and transparency remain top priorities.
Bybit CEO Ben then responded that Hacken had audited our finances, which could prove that we could use our own finances to compensate our customers’ losses.
Data: Bybit’s total outflow today, including hacker funds, is $2.235 billion
According to DefiLlama data, including hacked funds, Bybit's total outflow today is $2.235 billion. Even so, they still have more than $14 billion in verified assets on the chain, including $5.944 billion in BTC. Earlier news, Bybit's latest financial audit proved that it has enough reserves to cover user assets.
According to Theblock, Bybit co-founder and CEO Ben Zhou said that all customer withdrawals will be processed after the $1.4 billion hack. The company will not purchase Ethereum, but will rely on bridge loans (a short-term loan used to help entities transition) from partners. "In fact, we have obtained nearly 80% of the stolen Ethereum as a bridge loan to provide us with liquidity and help us solve liquidity crunch so that we can get through this critical period."
The news comes after Bybit confirmed it had lost $1.4 billion after hackers breached its multi-signature cold wallets, in what one expert called the “largest cryptocurrency theft ever.”
Earlier news, 39,998 ETH was transferred from BitGet to Bybit. Coinbase director Conor Grogan tweeted that Binance and Bitget will deposit more than 50,000 ETH directly into Bybit's cold wallet, of which Bitget's deposit is 1/4 of all ETH on the exchange.
Bybit CEO Ben Zhou said that since the hack (10 hours ago), Bybit has experienced the most withdrawals ever, with a total of more than 350,000 withdrawal requests received, and so far, there are about 2,100 withdrawal requests pending. Overall, 99.994% of withdrawals have been completed.
Despite the worst hack ever (banking, crypto, finance), all Bybit features and products are still operating normally, and the entire team stayed up all night to handle and answer customer questions and concerns. All hands on deck.
1 hour ago Bybit hacker's 15,000 cmETH pledge application was returned
According to on-chain analyst Yu Jin’s monitoring, 1 hour ago, the Bybit hacker’s 15,000 cmETH unstaking application was returned by the cmETH withdrawal contract. Then the hacker authorized the cmETH transaction on DODO, but there was no further transaction, perhaps because the cmETH liquidity pool was very shallow. These 15,000 cmETH should be intercepted. In addition to these 15,000 cmETH, the number of ETH stolen from Bybit is 499,000 ($1.37 billion), which were stored in 51 addresses by hackers.
CZ: Binance did not transfer liquidity to Bybit, it may be some whale behavior
In response to the voices in the community about Binance transferring liquidity to Bybit, CZ said that he cannot take credit for it, and it may be that some whales lent money to Bybit.
MEXC hot wallet transferred 12,652 stETH to Bybit cold wallet in the past hour
According to on-chain analyst Ember, MEXC’s hot wallet directly transferred 12,652 stETH ($33.75M) to Bybit’s cold wallet in the past hour. Bybit should have received 64,452 ETH ($170.73M) in loan support from Bitget, an institution that withdrew funds from Binance, and MEXC.
The multi-signature wallet protocol Safe tweeted that according to ByBit, the transaction information displayed by the Safe{Wallet} UI was correct, but a malicious transaction with all valid signatures was executed on the chain. Safe’s investigation so far shows:
- No codebase vulnerabilities found: The Safe codebase was thoroughly examined and no vulnerabilities or evidence of modification were found.
- No malicious dependencies found: There is no indication of malicious dependencies in the Safe codebase that could affect transaction flow (i.e., supply chain attacks).
- No unauthorized access to the infrastructure was detected in the logs.
- No other Safe addresses were affected
As previously announced, Safe has temporarily suspended Safe{Wallet} functionality to ensure the absolute security of the platform. While the investigation found no evidence that the Safe{Wallet} frontend itself was compromised, a thorough review is ongoing.
Bybit CEO Ben Zhou said that 12 hours have passed since the worst hack in history. All withdrawals have been processed. The withdrawal system has now fully returned to normal speed, and users can withdraw any amount without any delays.
Bybit will publish a full incident report as well as safety measures in the coming days. Ben Zhou will also personally keep everyone informed of any new updates. Thank you to all our customers, friends, and partners who helped and supported us during this difficult 12 hours.
Chainflip, a cross-chain bridge, responded to the request of Bybit CEO on the X platform. It said: We have tried our best to deal with it, but as a decentralized protocol, we cannot completely block, freeze or redirect any funds. However, some front-end services have been closed to prevent the flow of funds.
Earlier news , Bybit CEO Ben Zhou tweeted that part of the funds have been transferred to Chainflip, calling for a ban on conversion to other chains and a bounty plan will be released later.
Viewpoint
Fox Business reporter Eleanor Terrett wrote on the X platform that the legal professionals she talked to believed that the SEC was trying to reach a settlement with crypto companies rather than directly dismissing the lawsuits in order to "justify" spending millions of taxpayers' money and save a little face. In addition, Hester Peirce and Mark Uyeda, two SEC commissioners, did inform Coinbase that they were sorry for the inconvenience, which was a real heavy blow to the enforcement system of the SEC under Gensler Gensler and Biden.
He Yi, co-founder of Binance, said on the X platform that Binance employees are restricted from buying and selling all coins for 30 days. They can only sell after 30 days of buying, otherwise it will be considered a violation. This move indirectly led to employees holding BNB together, and later many employees passively became rich and lost their hunger; new forces are needed at present, and at the same time, they are also reflecting on the policy of overcorrection.
Bitget CEO Gracy tweeted that Bybit is a respectable competitor and partner. Although the loss this time is huge, it is only their annual profit. I believe that customer funds are 100% safe and there is no need to panic or run. He then added that the assets loaned to Bybit are Bitget's own and user assets will not be moved.
Kanye: All the current coins on the market are fake, and I will launch my own coin next week
American producer and rapper Ye (Kanye West) tweeted that all Ye-related memes currently on the market are fake and that he will launch his own coin next week.
Important data
Memecoin fraud erodes community trust, Solana on-chain user activity drops nearly 40% in February
According to Cointelegraph, Memecoin fraud is eroding community trust, especially the Libra token incident, which has led to a significant decline in Solana user activity. In February, the number of active addresses on the network fell to an average of 9.5 million per week, down nearly 40% from 15.6 million active addresses in November 2024. As confidence in Solana wanes, millions of dollars worth of cryptocurrencies are being transferred from Solana to other blockchains, indicating that potential capital outflows could have a net positive impact on the long-term growth of blockchains.
Grayscale transfers 3,760 ETH worth $10.67 million to Coinbase Prime hot wallet address
According to Arkham monitoring data, about 15 minutes ago, Grayscale transferred 3,760 ETH worth $10.67 million to the Coinbase Prime hot wallet address. Monitoring shows that these ETH were transferred from the Grayscale Ethereum exchange-traded fund to Grayscale's Coinbase Prime Deposit address, and then transferred to the hot wallet.
Bybit hacker surpasses Fidelity and Vitalik to become the world's 14th largest ETH holder
Coinbase director Conor Grogan disclosed data on the X platform, saying that the Bybit hacker (most likely from North Korea) has become the world's 14th largest ETH holder, currently holding about 0.42% of the total supply of Ethereum tokens, exceeding the ETH holdings of Fidelity and Ethereum co-founder Vitalik Buterin, and more than twice the ETH holdings of the Ethereum Foundation.
According to statistics from SoSoValue and the latest monitoring data from the on-chain security team TenArmor, the Bybit trading platform has received a total inflow of more than US$4 billion in the past 12 hours, including 63,168.08 ETH, US$3.15 billion in USDT, US$173 million in USDC and US$525 million in CUSD.
According to the comparative fund inflow data, this fund inflow has completely covered the fund loss caused by the hacker attack yesterday. At the same time, all services of the Bybit exchange, including the withdrawal function, have returned to normal.
On-chain analyst Ember monitored that the Bybit hacker has begun to exchange ETH for other assets on other chains through the Chainflip cross-chain exchange tool. After the hacker transferred 5,000 ETH to multiple addresses 40 minutes ago, he has washed away 205 ETH through Chainflip.
