Bybit’s cold wallet for ETH relies on a multisig system, where more than one person must approve a transaction before it can be executed, making it typically very secure. However, hackers have been able to trick signers into approving a malicious modification to the wallet’s smart contract, using techniques such as UI spoofing or transaction masking.