What Happened

On February 21, 2025, we were informed of a Bybit security incident resulting in the unauthorized withdrawal of mETH and cmETH from the exchange. The attacker executed multiple transactions to move assets off the platform.

• 8,000 mETH were swapped for ETH across three transactions via a DEX.
• 15,000 cmETH withdrawal was initiated via mETH Protocol but was not successfully completed.

What You Need to Know

Security measures worked as intended: The 8-hour withdrawal delay built into the protocol successfully prevented the exploiter from immediately withdrawing cmETH.

No risk to Mantle or mETH Protocol: The breach occurred at Bybit; throughout the incident, Mantle and mETH Protocol remain secure, and user funds are safe.

What We Did to Mitigate the Impact

1. Paused cmETH withdrawals: The 8-hour withdrawal delay built into the protocol provided the team with critical response time to temporarily pause the contract, effectively stopping unauthorized withdrawals.
2. Blacklisted exploiter address: The exploiter’s wallet addresses were blacklisted, preventing further cmETH transfers or interactions within the protocol.
3. Reduced cmETH liquidity on Mantle Network L2: As an additional security measure to limit potential exposure.
4. Recovered cmETH supply: 15,000 cmETH were recovered from the exploiter's address to a recovery address, reinstating the integrity of cmETH supply.

These measures ensured that the impact was contained, and no unauthorized cmETH exits occurred. cmETH contracts have since resumed and operations are back to normal.

Official Links

We are here to support our community. If you have any questions or concerns, please reach out through our official channels: X/Twitter Telegram Discord