$1.5B Hack of Bybit Might Be the Largest Crypto Heist Ever
Following the revelation Friday from cryptocurrency exchange firm Bybit that hackers stole digital tokens worth about $1.5 billion – in what may be the biggest crypto heist of all time – CEO Ben Zhou wrote on X Sunday that it has replenished its reserves. Bybit was able to do this through a mix of emergency loans and large deposits.
Zhou told users on Friday that their funds were “safe,” and the firm would refund anyone affected. Less than 72 hours later, Zhou said Bybit had restored the exchange’s balance and kept customer withdrawals open, although he did not account for the stolen crypto.
The scale of the Bybit theft surpasses the previous record of a $615 million heist of Ethereum and U.S. coins from the Ronin Network in 2022.
How this crypto heist happened
The crypto was taken during a routine internal transfer from its Ethereum coin “cold wallet,” which is a digital wallet typically stored offline and considered more secure, according to Zhou. After Bitcoin, Ethereum is the second largest cryptocurrency.
In an earlier note on X, Zhou said the hackers had used a “musked transaction,” which is likely a misspelling of “masked transaction” to trick the exchange into cryptographically signing a change in the code of the smart contract controlling a wallet holding its stockpile of Ethereum.
“Please rest assured that all other cold wallets are secure,” Zhou wrote. “All withdraws are NORMAL.”
Bybit said the hackers exploited security features and then transferred the money to an unidentified address. After the theft, the value of Ethereum fell by around 4 percent on Friday, leaving it worth $2,641.41 per coin.
Suspect identified
The Lazarus Group, a hacking organization under North Korea’s Reconnaissance General Bureau, has been identified by blockchain security experts. Blockchain analyst ZachXBT said he had provided evidence linking the attack to Lazarus, citing patterns consistent with recent North Korean cyberattacks.
North Korea has been accused of multiple hacks of cryptocurrency exchanges to steal digital assets, launder the funds, and use them to finance its nuclear weapons program. In January, the United States, South Korea, and Japan issued a joint statement blaming North Korea for roughly $660 million in crypto thefts in 2024 alone.
Cryptocurrency has become a preferred method for money laundering by criminals to cleanse their illicit funds.
Bybit’s famous early investors and 60M users
Bybit was founded in 2018 and reportedly counts President Donald Trump and former PayPal chief Peter Thiel among its early investors.
Bybit says it has more than 60 million users worldwide and offers access to various cryptocurrencies.
