*HUGE* $1.4 Billion Crypto Hack | Bybit "Bank Run"

we just had one of the largest

cryptocurrency hacks ever this is not

good and I'll tell you I feel like crap

but we got to cover this I wanted to

take a nap and I'm like what $1.4

billion hacked holy smokes this is not a

joke at all look at this after all this

is the history of cryptocurrency hacks

we've got the Ronin hack of 625 million

poly Network 611 binance uh Bridge 569

coin check 532 FTX 477 Mount goau was

473 Wormhole 325 the bybit hack right

now $

1.4

billion the largest out of this list and

if you add it all together makes up a

large chunk of pain so what happened and

how could a hack like this potentially

be prevented what potentially went wrong

and what has bybit said about this hack

thus far and who the heck done it well

obviously we don't know who done it we

do know their wallet address and can you

guess what the wallet is doing um if you

guessed sending it to a bunch of

different

wallets yep that's exactly what's

happening there you go hacker address

good luck now the goal is obviously to

track all of these down thesis is that

it will be very difficult for this

hacker to actually liquidate the

ethereum to a usdc or a tether because

uh Circle or the other involved entities

would just end up freezing the funds so

instead they might have to just

distribute this to many different people

change it uh you know throw it into

tornado cash change it to different

cryptocurrencies and just buy things

strictly with cryptocurrency uh but what

the hacker does with the money is less

important because recovery is very very

difficult for situations like this uh

instead what we should think about is

what's going on with customers and

what's going on with bybit so let's get

started with that so I just listened to

about an hour and a half of the bybit

explanation of what happened and it's a

lot the most important thing that we

know so far is that byit suggests

they're experiencing a bank run but they

say that all of their assets are safe

now I've heard this before and I tweeted

about this I made a joke fool me once

shame on you fool me twice shame on me

I've been fooled by this sort of stuff

before but let's put it this way when we

look here what do we find FTX back uh

you know a couple years ago FTX is

solvent it always has been there's no

problem CEO of bit bit is solvent with

the capital S even if this hack loss is

not recovered all client assets are

backed one to one and we can cover the

loss okay so there a couple things here

to know when when cryptocurrency

exchanges tell you that assets are

backed one to one usually what they've

done is they've done some sort of proof

of Reserve study uh these are very very

basic level Audits and they usually work

something like this let's say you have

$100 in cash and then you have deposits

of $100 of Bitcoin $100 of salana $1100

of ethereum individually you have $100

to cover those Bitcoin deposits

but you don't have $100 to cover if all

three of these got called away hacked

margined whatever the other thing that's

very important to know is the executives

at bit are saying hey you know this

isn't a big deal we have $20 billion of

assets this is just one and a half we

have retured earnings we can handle this

this is just 12th of the money that we

have hold on a second when a company has

$20 billion of assets under management

that doesn't mean you have 20 billion

to spend however you want it's not your

money something to know when you run a

fund and you take deposits from people

you might take like somebody could hand

you tomorrow a billion dollars and say

hey here's a billion dollars technically

on your balance sheet you have a billion

dollars of cash of assets right does

that make you a billionaire no because

on your balance sheet you would also

show a liability I now owe this person

$1 billion back so technically if you

you have $20 billion of assets under

management you also have $20 billion of

liabilities because you owe people their

money back so if you lose one and a half

and you can't do anything with the 20 in

assets you have because you already owe

that 20 so those zero out so now if you

lose one and a half and you got to pay

people back you got to either borrow or

take it from the other cash you have and

guess what bit is doing well they stated

that we have the money we're not going

to be buying ethereum instead we are

taking a bridge loan to cover 80% of the

assets from our partners and they said

quote even if we are experiencing a bank

run which we already experienced in the

last two hours it's not an

issue I've heard of lines like this

before don't worry you don't need to

take your money out everything is fine

we're processing withdrawals as normal

we've heard this all before and then

what happens they start slowing down

certain transactions usually the big

ones and guess what bip bid is doing

right now they're slowing down

transactions in fact they're saying that

most people are getting their

withdrawals out however not

everybody because some people just need

to be patient they need to wait a few

hours to make sure that they can get all

of their money out because they're

verifying those transactions my guess is

that's probably um a set of larger

transactions that are going to be held

up you know somebody wants to withdraw

100

bucks it's not going to be as big of a

deal right it's going to be more

manageable but if you're trying to take

out uh a larger amount going to have an

issue let's listen to how they say so uh

you know even if we are experiencing a

bank run uh you know which we already

witnessed uh in the in the previous two

hours gez um it's not an issue uh we

have enough uh uh tokens to give to the

clients for withdraws yeah it doesn't

give me a lot of confidence when you're

saying that in the Frozen up posture the

Frozen up defensive

posture everything's fine you're hugging

yourself because you know everything's

not fine this could be the end of bip it

now I'm not trying to you know go

extreme here but let's just put it this

way I personally if I had my funds on

Exchange in 2025 I don't know why you

would but just in the event that you did

I probably wouldn't keep my money on the

exchanges just like the warning I gave

back in the day when FTX was collapsing

I'm like you know what I'd get my money

out it's the same warning that I gave

before Voyager collapsed it's the same

warning I gave before uh cryptocurrency

uh stable coin started collapsing and

blocki went down same warnings once it

starts it's really hard to stop now the

CEO also tried to explain how this hack

took place place and how the hack took

place is a little bit concerning to me

because it sounds like they got spoofed

uh and it's not just that and we'll have

to speculate on what exactly happened

but the head of

derivatives is on X live streaming from

a hotel room that looks like it was shot

up by the

Taliban now somebody replied to my

comment about that on X and said he

mentioned at the beginning of the live

stream that his work colleague

completely trashed his hotel room after

hearing about hack and then I wrote I'm

not sure if that gives me Comfort or

more

concern let's streamline this if y'all

screwed up so badly that the next thing

you're going to do is resort to

destroying a hotel room that's not yours

I get even more

nervous oh my goodness all right so with

that let's now look at uh how this this

potential link movement happened so the

CEO of bit

explains how they ended up verifying

this transaction and I want you to hear

the words for about 20 seconds and then

let's analyze it to the W wallet uh when

we saw the transaction it was business

as usual um uh I can uh at least

speaking for my part I was the last

signer of this transaction uh when this

transaction came it was a normal URL I I

double checked it was the safe URL uh

from the official safe website we always

use official website uh so that was one

of the safety protocols we we we

deployed is to check so we check I

checked on that I click on the link and

checked and then I checked on the UI the

um the destination address uh to make

sure that it is our warm wallet and we

have a procedure to make sure that it is

uh what we saw so all of that checked

out and the initial transfer that we

made uh was uh around I believe 30,000

ET uh 30,000

ethereum and you did not use a hard

wallet to verify the destination you're

sending the money

to see here's the

thing extensions like metamask or safe

they could have malicious updates made

to them we don't know if this happened

this is this is speculation there could

be errors or interceptions on the

development end there could be errors on

your local devices this could even be an

Insider job maybe somebody on the inside

updated the template for the smart

contract that essentially displayed

through the UI the user interface the

correct address but actually sent the

money to the wrong address one way you

could mitigate 99% of these spoofs

because you know you still need a human

to verify this stuff one way you can

mitigate a lot of these spoofs is by

actually using a hard wallet this would

be a great place for a hardware wallet

sponsor but I I don't have one but

anyway so anyway let's say uh you had a

hardware wallet and you were going to

verify this transaction all you would

need is one of the four people multi

signing to run this through a hardware

wallet and then what would they have

seen well they would have looked and

seen that the actual destination address

was different than what they expected it

to be because that's one of the benefits

of the hardware wallet I mean you do get

a lot of pages you have to go through

but one of them is this is where the

money is actually going rather than Au

like it bypasses your device it bypasses

your browser it gives you a bottom line

are you sure this is the address you

want the money to go to now there many

other things you could do you could use

simulators you could use Smart uh smart

contract decoders there are plenty of

ways you could verify that the smart

contracts you're working with are

actually legitimate but a basic Hardware

wallet would have made this simple and

you just heard the CEO say well I looked

on I clicked the link and everything

looked good I heard that I'm like you're

telling me you sent

30,000

ethereum without a hardware device some

kind of security key or anything off

device to verify the

transaction yeah well I mean it look

right look

good now this isn't to say that a

mistake couldn't have also been made I'm

going to put something on screen when I

put this on screen I want you to tell me

is there a difference between these two

wallets okay and when I give you uh this

on screen here I want you to ask

yourself how long does it take you in a

realistic setting to find if there is

any difference between these now you

could run them through like a GPT an

open AI or whatever and use that but I

want you to pretend you're on a hardware

wallet you're stressed you got a million

emails or whatever and at least you're

trying with the hardware wallet which

wasn't the case here apparently uh and

you're comparing where you're expecting

the signature to or the the transaction

to go to and what your Hardware wallet

says okay ready going to put it on on

screen I'm going to give you 5 Seconds

to figure it out where's the difference

is there a difference maybe there's not

even a difference five 4 3 2 1 did you

see it they're different okay it's

really hard right here you expect this

to be

XYZ it's actually XY y it's crazy it's

like maybe you saw it right away maybe

you got those perfect Eagle Hawk Eyes in

which case I'm proud of you I don't have

that I'm just saying it is kind of hard

to verify some of these hashes and I'm

not trying to make excuses just saying

it does get a little bit easier if at

least you take the step of using a

hardware wallet the reason I'm bringing

this up though is because it shows that

there can still be a failure even if

you're using a hardware wallet because

you could still get spoofed uh but this

would be human error and as opposed to

being lied to by what your user

interface is showing you so we don't

know what certainty but it sounds like

uh they're I mean here's this is

speculation okay there could have been

an Insider that changed the template uh

maybe somebody who was paid uh somehow

maybe somebody delivered them uh a you

know an unofficial Chrome extension or

whatever that had a malicious template

uh that was essentially able to execute

into their wallet extension probably the

first signer that modified the contract

for everyone and then everybody signed

off on it four signers I don't know and

and time will tell what it is but again

just as sort of an outsider outside of

this company I I cannot believe that

there was no Hardware

verification this is just a battery mind

you um that there was no Hardware

verification for a 30,000 ethereum

transaction but anyway uh other things

to hear here so uh they say

that uh everyone is affected but your

assets are safe when they're asked are

we covered one to one uh they said we

will do whatever we can to cover the

ethereum exposure we don't know if we're

going to be able to get our hands you

know on on the money again uh who's

affected to be honest everyone is

affected worth noting that bip bit was

launched in

2018 they said they likely won't be

buying ethereum uh they keep talking

about how much they have in AUM but I I

don't think I think they're just trying

to do that to Plate people who don't

understand what assets under management

are but I've already explained that uh

uh you know this this theoretically

could have been some kind of like

malicious message or download that they

got you know so you have to be obviously

very careful clicking links or or you

know downloading uh unauthorized

software which should be pretty obvious

again which is why I'm just like how how

could this happen it could have just

been as simple as an Insider right the

first signer maybe who

knows gets paid hey we'll send you 20

million bucks you can retire go to you

know we'll fly you somewhere and uh you

you know get get the contract modified

to look like this the next time you all

need to move money from your cold wallet

to your warm wallet that's what they

call it by the way that's basically from

Storage to here's our actual operating

bank account so to speak uh and they

needed to top it off because maybe they

were experiencing withdrawals for just

normal ordinary everyday reasons now all

of a sudden they're in their words quote

unquote experiencing Bank a bank run so

I would expect over the next uh

probably 20 24 to 72 hours if they don't

freeze withdrawals within the next 24 to

72 hours to just kind of like Get

stabilized they'll probably collapse

that's probably why they got a bridge

loan because their investors know okay

if we don't bail this situation out

right now they're going to

collapse so the next hours will be very

critical for them if they can survive

and get through this with enough lending

and people don't withdraw Too Much from

the

platform uh because again withdrawals

past what was lost aren't actually that

bad because you know if you have 20

million in assets under management and

somebody wants some of that money back

you just give it back to them that's not

that bad like people can take their

money out because you have it assuming

you have it but the part that you lost

is the problem and so if everybody who

had deposited ethereum that is now lost

wants to withdraw their $15 billion they

have to really quickly raise $1.5

billion to cover that all of the excess

above that would just be a normal

withdrawal which they could process the

problem is are they going to go bankrupt

by not being able to process the

withdrawals of the money they lost and

then they run into a panic situation

where all the other depositors leave

because they're also rightfully

concerned uh and then they can't make

money anymore off fees to sustain their

business now all of a sudden their

expenses are higher than their income

and now you're burning even more money

making it even harder to get your money

back

just an example of how that works but

anyway this is a sad day uh for the

crypto industry it's also sad day for

the NASDAQ it's down 2% today on a whole

lot of fears there's a lot of fear and

uncertainty and doubt and and stuff

going on today but uh anyway look I

appreciate you all being here uh you

know check out my courses on building

your wealth over at me kevin.com if you

want to be part of my course member live

streams in the morning and um we'll see

you all soon really appreciate you

thanks so much bye why not advertise

these things that you told us here I

feel like nobody else knows about this

we'll we'll try a little advertising and

see how it goes congratulations man you

have done so much people love you people

look up to you Kevin P there financial

analyst and YouTuber meet Kevin always

great to get your take