A hot potato: Bybit, a Dubai-based crypto exchange, announced on Friday that hackers had stolen a staggering $1.5 billion worth of digital assets, making it the largest crypto heist in history. The attackers exploited security vulnerabilities during a transaction, allowing them to transfer a significant amount of Ethereum.
The hackers stole the crypto from Bybit's cold wallet, an offline storage system that's supposed to be highly secure. Around 400,000 ETH were swiped in all, reportedly representing over 70% of its ETH reserves. Ethereum is currently the second-largest crypto after Bitcoin.
Not long after, Bybit CEO Ben Zhou took to X to reassure users that their funds were safe and that the exchange would be reimbursing anyone impacted by the breach. He added that while Bybit holds around $20 billion in client assets, it would cover any unrecovered funds through its own treasury or by taking out loans from partners.
Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago. It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe . However the signing message was to change…
– Ben Zhou (@benbybit) February 21, 2025
This heist blows previous crypto crimes out of the water. It dwarfs other massive hacks like the $620 million Ronin Network job in 2022 and the $611 million swiped from Poly Network in 2021.
Some blockchain analysis firms like Elliptic and Arkham Intelligence traced the stolen crypto as it was rapidly scattered across different wallets and cashed out on various platforms. They eventually linked it to the infamous Lazarus Group, a North Korean state-sponsored crew. These devious hackers have a long track record of plundering the crypto world to fund the regime's wealthy elite. As of 2022, they were estimated to have looted over $1 billion worth of crypto across multiple hacks and scams.
In response to the Bybit breach, Tom Robinson from Elliptic said in an email to CNBC that they've flagged the thief's wallet addresses in their software to try to prevent the funds from being laundered through other exchanges.
The Bybit hack also sparked a frenzy of customer withdrawals as users feared potential insolvency. The company assured customers that withdrawals were proceeding as expected, with Zhou later adding that outflows had stabilized. He also stated that the company remains solvent even if the losses from the hack are not recovered and that all client assets are "1 to 1 backed."
A recent blog post also reassures users that Bybit's platform and all other services, including trading products, cards, and P2P, remain "fully operational."
Record $1.5 billion crypto heist hits exchange, Ethereum reserves drained
