Close Menu
Crypto Valley Journal
    Facebook X (Twitter) Instagram
    Crypto Valley Journal
    • Hot Topics
      • News
      • Minds
    • Focus
      • Background
      • Blockchain
      • Legal & Compliance
      • Non-Fungible Token (NFTs)
    • Investing
      • Markets
      • Financial Products
      • Decentralized Finance (DeFi)
      • Exchange overview
    • Education
      • Basics
      • Glossary
      • Politicians on crypto
    • Statistics
      • Bitcoin-ETF-Flows
      • Ethereum-ETF-Flows
      • Crypto market data
      • On-chain data
    • Academy
      • Overview
      • Part 1: Blockchain
      • Part 2: Money
      • Part 3: Bitcoin
      • Part 4: Cryptocurrencies
      • Part 5: Decentralized Finance
      • Part 6: Investing
    • English
      • Deutsch
    Crypto Valley Journal
    You are at:Home » Hot Topics » News » Bybit hack: 1.5 billion US dollars stolen by Lazarus Group
    Bybit hack: 1.5 billion US dollars stolen by Lazarus Group

    Bybit hack: 1.5 billion US dollars stolen by Lazarus Group

    By Editorial Office CVJ.CH on 24. February 2025 News

    Bybit, a Dubai-based cryptocurrency exchange, reported a massive security incident in which attackers stole Ethereum worth 1.5 billion US dollars. This incident represents the largest theft in the history of cryptocurrencies.

    During a routine transfer from a cold wallet to a hot wallet, the hackers managed to take control of the cold wallet and transfer over 500,000 Ethereum - totalling around USD 1.5 billion - to an unknown address. Bybit CEO Ben Zhou assured customers that their remaining assets were safe and that the company remained solvent.

    Subscribe to our newsletter

    The best articles of the week, directly delivered into your mailbox.

    Details of the Bybit hack

    The attack on Bybit occurred during a transfer from a cold wallet to a hot wallet-a process routinely carried out by crypto exchanges to ensure liquidity. In doing so, the hackers managed to take control of the cold wallet and reroute an authorized transaction. Security experts suspect that the attackers either compromised internal credentials or exploited a vulnerability in the cold wallet’s signature management. The stolen 401,000 Ethereum were transferred to an unknown address, which was shortly thereafter divided into several smaller wallets-a well-known tactic to hinder traceability.

    After the hack was discovered, CEO Ben Zhou assured users that all remaining assets were safe and that the company had sufficient reserves to cover the loss. To this end, the exchange took out an external loan of just over one billion. The exact terms of the loan remain unknown. Bybit has enlisted external experts to investigate the incident and is offering a reward of up to 10% of the recovered amount for information leading to the retrieval of the stolen funds. Despite the incident, deposits and withdrawals on the platform remain active.

    Ray Dalio’s Bridgewater Associates Minds

    Star investor Ray Dalio considers Bitcoin inferior to gold

    Most crypto cards hide who issues them. After mapping the licensed issuers, here is why Switzerland's self-issuing model reads differently. Background

    The bank you never chose: who really issues Switzerland’s crypto cards

    Robinhood Perpetual Futures in Europe now cover commodities and currencies, and the broker plans a crypto launch in the United Kingdom. Financial Products

    Robinhood Perpetual Futures expand to commodities in Europe

    Digital finance transparency relies on Proof of Reserves, Merkle trees, MPC custody and 24/7 monitoring to verify solvency and user assets. Basics

    Transparency as the foundation of security in digital finance

    Ray Dalio’s Bridgewater Associates Minds

    Star investor Ray Dalio considers Bitcoin inferior to gold

    Most crypto cards hide who issues them. After mapping the licensed issuers, here is why Switzerland's self-issuing model reads differently. Background

    The bank you never chose: who really issues Switzerland’s crypto cards

    Lazarus Group identified as attacker

    Security analysts suspect that the North Korean hacker group Lazarus is behind the attack. This group has previously been responsible for several large-scale cyberattacks on cryptocurrency platforms. Although these suspicions persist, investigations are still ongoing, and there has been no official confirmation of the Lazarus group’s involvement so far.

    The theft led to a short-term drop in the price of Ethereum by about 4%. Bybit has announced that it will overhaul its security infrastructure to prevent future attacks and restore users’ trust.

    Share. Facebook Twitter LinkedIn Email Telegram WhatsApp

    About the author

    Editorial Office CVJ.CH
    • Website
    • Twitter
    • LinkedIn

    Since 2018, the editorial team at Crypto Valley Journal has been reporting from Zug - the heart of Switzerland’s Crypto Valley - on Bitcoin, cryptocurrency, blockchain, and regulatory developments in digital assets. Behind the publication’s collective editorial voice is a team of writers with backgrounds in financial markets, law, and technology.

    Related Articles

    CVJ Weekly review

    Weekly review: 80mn bank customers in Germany gain access to crypto

    JPMorgan ranks Strategy's sales below the bigger Bitcoin risk and names tokenization beyond public chains as the real threat.

    JPMorgan sees biggest Bitcoin risk beyond Strategy

    AscendEX halted operations on 1 July over lost liquidity and a missing MiCA licence; users get no guarantee of a full payout.

    AscendEX halts operations: payouts uncertain

    A field hearing in New York aims to push the CLARITY Act through the US Senate before the summer recess. Here is what is at stake.
    13. July 2026

    July 17: House hearing aims to push the CLARITY Act through the Senate

    The DOJ dropped its USD 722 million BitClub Ponzi case against Goettsche just before trial, after two Trump-linked lawyers intervened.
    13. July 2026

    DOJ drops charges against BitClub founder Goettsche

    CVJ Weekly review
    11. July 2026

    Weekly review: 80mn bank customers in Germany gain access to crypto

    twitter image button instagram image button linkedin image button youtube image button

    About Crypto Valley Journal
    About Crypto Valley Journal

    On the pulse of the movement

    • Academy
    • Contact
    • Advertising
    • About us
    • Partner
    • Imprint
    • Privacy
    • Disclaimer
    Search

    Type above and press Enter to search. Press Esc to cancel.