- Cyber Syrup
- Posts
- Bybit Crypto Heist Becomes Largest in History, Exceeding $1.46 Billion
Bybit Crypto Heist Becomes Largest in History, Exceeding $1.46 Billion
Cryptocurrency exchange Bybit confirmed on Friday that a "sophisticated" cyberattack resulted in the theft of over $1.46 billion worth of cryptocurrency
CYBER SYRUP
Delivering the sweetest insights on cybersecurity.
Bybit Crypto Heist Becomes Largest in History, Exceeding $1.46 Billion
Cryptocurrency exchange Bybit confirmed on Friday that a "sophisticated" cyberattack resulted in the theft of over $1.46 billion worth of cryptocurrency from one of its Ethereum cold wallets. This incident now stands as the largest single cryptocurrency heist in history, surpassing previous high-profile breaches.
How the Attack Occurred
Bybit disclosed that the breach happened when its Ethereum (ETH) multisignature cold wallet initiated a transfer to a warm wallet. However, attackers manipulated the signing interface, displaying the correct transaction details while secretly altering the underlying smart contract logic.
"As a result, the attacker was able to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address," Bybit said in a statement on X (formerly Twitter).
Immediate Response and Security Measures
Bybit CEO Ben Zhou assured users that all other cold wallets remain secure and that the company has already reported the breach to law enforcement authorities.
The exchange has not yet provided specific details on how it plans to recover the stolen assets or mitigate similar risks in the future.
Who Is Responsible?
While Bybit has not officially confirmed the identity of the attackers, blockchain analytics firms Elliptic and Arkham Intelligence have linked the hack to the Lazarus Group, a state-sponsored cybercrime syndicate from North Korea.
This breach now exceeds previous record-breaking heists, including:
Ronin Network (Axie Infinity) – $624 million (2022)
Poly Network – $611 million (2021)
BNB Chain (Binance) – $586 million (2022)
Independent blockchain researcher ZachXBT also noted similarities between this attack and the Phemex hack, which took place just weeks earlier, suggesting a potential coordinated operation.
The Growing Threat of Crypto Heists
The Lazarus Group has been identified as one of the most prolific cybercrime groups in the world. North Korea's regime has relied on its state-backed hacking teams to fund its weapons programs, with billions in stolen crypto used to bypass international sanctions.
Google's cybersecurity division, Mandiant, described North Korea as:
"Arguably the world's leading cyber criminal enterprise."
According to Chainalysis, in 2024 alone, Lazarus stole over $1.34 billion across 47 crypto-related hacks, accounting for 61% of all cryptocurrency stolen that year.
The Future of Crypto Security
This latest attack highlights the growing security risks faced by cryptocurrency exchanges. The incident underscores the need for:
Enhanced cold wallet security measures
Stronger multi-signature verification protocols
AI-powered threat detection systems
Global regulatory cooperation to combat illicit crypto activity
As cryptocurrency continues to grow in adoption and value, cybercriminals are evolving their tactics. This attack serves as a reminder that even the most secure exchanges remain vulnerable without constant proactive security measures.
Bybit has yet to announce whether it will be able to recover the stolen assets or offer compensation to affected users. Meanwhile, investigations continue, and the broader crypto community awaits updates on how exchanges plan to prevent similar breaches in the future.