Crypto sent reeling by world’s biggest ever heist

Crypto sent reeling by world’s biggest ever heist
Cryptocurrency exchange scrambles for emergency loan after suspected North Korean hack
FEB 21, 2025

The cryptocurrency exchange Bybit has suffered a staggering security breach, resulting in the theft of approximately $1.5 billion in Ethereum. The incident, which is being described as one of the largest crypto hacks in history, targeted the exchange's cold wallet, which is typically considered a more secure method of storing digital assets offline.

Bybit’s co-founder and CEO Ben Zhou confirmed the attack, stating that hackers managed to bypass the platform’s security measures and gain unauthorized access. According to initial reports, the exploit involved deceiving wallet signers through a manipulated user interface and URL, leading them to unknowingly approve a malicious transaction. This breach enabled the attackers to alter the smart contract logic and seize control of the cold wallet, subsequently draining its funds.

Market Repercussions and Speculation

Following the announcement, the broader crypto market experienced significant volatility. Ethereum’s price initially dropped by over 4% before partially rebounding due to speculation that Bybit might need to repurchase large amounts of ETH to compensate affected users. However, Zhou later clarified that the company had secured a bridge loan covering 80% of the lost funds and had no immediate plans to purchase ETH on the open market, which quickly shifted market sentiment to a more bearish outlook.

Blockchain security firms have been actively monitoring the movement of the stolen funds. The hackers currently hold over 500,000 ETH, which have been dispersed across multiple wallets to obfuscate tracking efforts. Given the magnitude of the theft, selling off such a substantial amount presents a significant challenge, as blockchain forensic teams are closely watching these transactions.

Possible Involvement of Lazarus Group

Blockchain analytics firm Arkham Intelligence has linked the attack to the notorious Lazarus Group, a hacking unit believed to be affiliated with North Korea. "At 19:09 UTC today, ZachXBT submitted definitive proof that this attack on ByBit was performed by the LAZARUS GROUP," Arkham stated in a post on X. "His submission included a detailed analysis of test transactions and connected wallets used ahead of the exploit, as well as multiple forensics graphs and timing analyses. The submission has been shared with the Bybit team in support of their investigation."

The Lazarus Group has been implicated in several high-profile cryptocurrency thefts in recent years, including the $600 million Ronin Network hack in 2022 and last year's breach of Japan’s DMM Bitcoin exchange, which resulted in a $300 million loss. If confirmed, this would mark one of the most significant heists attributed to the group.

Ongoing Investigation and Security Concerns

Bybit has assured users that withdrawals remain operational and that other cold wallets remain uncompromised. "For immediate sake, we are currently reaching out to our partners to give us a bridge loan," Zhou said during a live stream. "So, currently, we are not buying [Ethereum]. And even if we did want to buy, it is too big of an amount to be moving around."

This attack underscores ongoing concerns regarding the security of digital asset exchanges, even those that employ advanced cold storage solutions. Over the years, the cryptocurrency industry has been plagued by large-scale thefts, from the infamous Mt. Gox hack in 2011 to the Binance exploit in 2022. While cold wallets are typically seen as safer than their online counterparts, this incident highlights the evolving tactics used by cybercriminals to breach even the most secure systems.

Bybit has pledged to compensate affected users and is working with cybersecurity firms and law enforcement agencies to track down the stolen funds. However, given the history of similar breaches, recovering the lost assets may prove to be an uphill battle.

As the investigation continues, industry experts are calling for stronger security protocols and more stringent oversight to prevent future exploits of this scale.

Bybit’s Foundation and Growth: From Startup to Global Exchange

Bybit, a cryptocurrency trading platform, was founded in 2018 by former Forex trader Ben Zhou. Headquartered in Singapore, the exchange entered the competitive crypto derivatives market with a focus on speed, security, and user-friendly features. Over the years, Bybit has expanded its offerings beyond derivatives, incorporating spot trading, options trading, and various financial products to cater to a growing user base.

A key factor in Bybit’s expansion has been its strategic partnerships across various industries. The company has collaborated with top esports teams such as NAVI and Astralis, leveraging the growing intersection between cryptocurrency and gaming. Additionally, Bybit has actively supported blockchain innovation through partnerships with Ethereum Layer 2 projects, aiming to improve transaction scalability and efficiency. The exchange has also formed alliances with payment providers to enhance accessibility, making it easier for users worldwide to engage in crypto trading.

Latest News

SEC bars ex-broker who sold clients phony private equity fund
SEC bars ex-broker who sold clients phony private equity fund

Rajesh Markan earlier this year pleaded guilty to one count of criminal fraud related to his sale of fake investments to 10 clients totaling $2.9 million.

The key to attracting and retaining the next generation of advisors? Client-focused training
The key to attracting and retaining the next generation of advisors? Client-focused training

From building trust to steering through emotions and responding to client challenges, new advisors need human skills to shape the future of the advice industry.

Chuck Roberts, ex-star at Stifel, barred from the securities industry
Chuck Roberts, ex-star at Stifel, barred from the securities industry

"The outcome is correct, but it's disappointing that FINRA had ample opportunity to investigate the merits of clients' allegations in these claims, including the testimony in the three investor arbitrations with hearings," Jeff Erez, a plaintiff's attorney representing a large portion of the Stifel clients, said.

SEC to weigh ‘innovation exception’ tied to crypto, Atkins says
SEC to weigh ‘innovation exception’ tied to crypto, Atkins says

Chair also praised the passage of stablecoin legislation this week.

Brooklyn-based Maridea snaps up former LPL affiliate to expand in the Midwest
Brooklyn-based Maridea snaps up former LPL affiliate to expand in the Midwest

Maridea Wealth Management's deal in Chicago, Illinois is its first after securing a strategic investment in April.

SPONSORED How advisors can build for high-net-worth complexity

Orion's Tom Wilson on delivering coordinated, high-touch service in a world where returns alone no longer set you apart.

SPONSORED RILAs bring stability, growth during volatile markets

Barely a decade old, registered index-linked annuities have quickly surged in popularity, thanks to their unique blend of protection and growth potential—an appealing option for investors looking to chart a steadier course through today's choppy market waters, says Myles Lambert, Brighthouse Financial.