Bybit, a Dubai-based cryptocurrency exchange, reported a massive security incident in which attackers stole Ethereum worth 1.5 billion US dollars. This incident represents the largest theft in the history of cryptocurrencies.
During a routine transfer from a cold wallet to a hot wallet, the hackers managed to take control of the cold wallet and transfer 401,000 Ethereum - currently around USD 1.1 billion - to an unknown address. Bybit CEO Ben Zhou assured customers that their remaining assets were safe and that the company remained solvent.
Subscribe to our newsletter
The best articles of the week, directly delivered into your mailbox.
Details of the Bybit hack
The attack on Bybit occurred during a transfer from a cold wallet to a hot wallet-a process routinely carried out by crypto exchanges to ensure liquidity. In doing so, the hackers managed to take control of the cold wallet and reroute an authorized transaction. Security experts suspect that the attackers either compromised internal credentials or exploited a vulnerability in the cold wallet’s signature management. The stolen 401,000 Ethereum were transferred to an unknown address, which was shortly thereafter divided into several smaller wallets-a well-known tactic to hinder traceability.
After the hack was discovered, CEO Ben Zhou assured users that all remaining assets were safe and that the company had sufficient reserves to cover the loss. To this end, the exchange took out an external loan of just over one billion. The exact terms of the loan remain unknown. Bybit has enlisted external experts to investigate the incident and is offering a reward of up to 10% of the recovered amount for information leading to the retrieval of the stolen funds. Despite the incident, deposits and withdrawals on the platform remain active.
Lazarus Group identified as attacker
Security analysts suspect that the North Korean hacker group Lazarus is behind the attack. This group has previously been responsible for several large-scale cyberattacks on cryptocurrency platforms. Although these suspicions persist, investigations are still ongoing, and there has been no official confirmation of the Lazarus group’s involvement so far.
The theft led to a short-term drop in the price of Ethereum by about 4%. Bybit has announced that it will overhaul its security infrastructure to prevent future attacks and restore users’ trust.
