The root cause behind the Bybit hack is still burning debates among cryptocurrency community, as some are blaming implementation flaws in the Ethereum Virtual Machine (EVM) while others pointing fingers at operation security failure.
Adam Back from Blockstream supported his criticism of EVM technology on X by claiming its design problems contributed to the attack. Bybit suffered the largest recorded crypto hack in history after losing 1.4 billion Ether-related tokens in the cyber assault.
EVM Transaction Complexity: A Key Factor in Bybit’s Hack?
Consecutive EVM security breaches weaken total public confidence in digital currency sphere especially Bitcoin. In his X post the expert explained how people misunderstand the security issue of EVM hacks because they fail to see EVM’s weakness: the ability to reach zero.
Repeated broken security on EVMs damages the trust people have in all crypto systems which spreads unfairly to Bitcoin itself. Community members strongly disagreed with Back’s view as they linked the breach to operational security problems that affected multisignature wallets yet spared EVM technology.
Back continued his negative assessment by viewing the EVM as a ‘difficult to manage, weak security arrangement’. Back observed contract security weakness on February 22 and said that EVM blockchain continues to lose billions annually due to such problems.
#bitcoin dominance ratchets higher. Another day, another EVM contract hack. https://t.co/5F7tF28dCW
— Adam Back (@adam3us) February 22, 2025
According to Back’s research the EVM transaction complexity caused the vulnerability on Bybit hardware wallets but not wallet equipment problems. He claimed that Bitcoin runs without such problems.
The main benefit of hardware wallets shows up in the screen display where you check both payment amount and destination address. According to him the verification process in Ethereum would not work on EVM hardware due to its state size.
https://twitter.com/toghrulmaharram/status/1893019897749283187
Industry Experts Challenge Back’s View on EVM Security
More industry experts saw different sides of the issue than Back. CEO Dima Budorin from cybersecurity company Hacken explains that Ethereum or EVM security issues exist in multiple blockchain ecosystems. He stated:
“Even Bitcoin’s multisig setups, though simpler by design, remain susceptible to risks such as human error, phishing, or advanced attacks targeting signer devices and workflows.”
Lex Fisun as co-founder and CEO of Swiss blockchain analytics firm Global Ledger refuted Back’s claim. According to Fisun the operation team at Bybit failed to protect their cold wallet which led to a single ETH breach but left the other wallets safe. He pointed out that the stolen wallet was managed by multiple signers who presumably signed a fake transaction. Fisun said:
“Nearly all decentralized exchanges rely on the EVM, while centralized exchanges like Coinbase, Binance and Kraken use proprietary trading engines. Bybit isn’t decentralized, but they may have used the EVM in some capacity; to what extent remains unclear.”
Ethereum co-founder Vitalik Buterin does not speak about concerns about EVM security in the ongoing public discussion. The person responsible for the Bybit hack currently holds more Ethereum than 13 other organizations combined including Fidelity and Vitalik Buterin.
Bybit did not respond to questions about whether this incident involved any EVM system vulnerabilities.
The Bybit hacker (Most likely N.K. ) is now the 14th largest ETH holder in the world
They hold roughly 0.42% of total supply, more than Fidelity, Vitalik, and 2x +what the Ethereum Foundation holds pic.twitter.com/ZMGY2Bx1B3
— Conor (@jconorgrogan) February 21, 2025
