Record-Breaking $1.4B Crypto Heist: Lazarus Group Targets Bybit Exchange

In a devastating blow to the cryptocurrency industry, popular exchange Bybit has suffered the largest crypto theft in history, losing approximately $1.4 billion in digital assets. The unprecedented attack, which occurred on February 21, was reportedly carried out by North Korea's notorious Lazarus Group.

According to Bybit officials, attackers compromised the exchange's Ethereum cold wallet signing interface, enabling them to alter smart contract logic and initiate unauthorized transfers without detection. The sophisticated attack targeted human operators rather than technical vulnerabilities, demonstrating a new level of social engineering in crypto heists.

Blockchain intelligence firm Arkham, along with renowned investigator ZachXBT, traced the attack back to the Lazarus Group through analysis of test transactions and related wallet activities in the months leading up to the breach. The stolen funds were subsequently mixed with proceeds from previous hacks, including January's Phemex exchange incident, making asset recovery particularly challenging.

Despite the massive theft accounting for about 70% of Bybit's ETH reserves, CEO Ben Zhou assured users that client funds remain unaffected. "The platform maintains adequate reserves even under worst-case scenarios," Zhou stated, emphasizing the exchange's continued financial stability.

The attack has sparked serious concerns within the crypto community about cold wallet security practices. Unlike traditional technical exploits, this breach revealed how sophisticated attackers could compromise multiple multisig signers' devices and manipulate transaction information without raising red flags.

The incident represents over 60% of all crypto theft in 2024 so far, according to Cyvers data. Security teams at Bybit are currently working with blockchain forensic experts to trace the stolen assets, while receiving support from various partners across the crypto ecosystem.

This record-breaking hack adds to the Lazarus Group's growing list of high-profile crypto heists, including the $600 million Ronin network theft. The incident has prompted renewed discussions about exchange security measures and the evolving sophistication of state-sponsored cyber attacks in the digital asset space.