On February 21, 2025, the cryptocurrency platform Bybit suffered the largest hack in history, which resulted in the theft of $1.4 billion in digital assets.
How the Hack Happened
The attack targeted Bybit’s cold wallet, which is used for offline storage of user assets. Hackers exploited vulnerabilities during a routine transfer of Ethereum (ETH) from the cold wallet to a warm wallet, which allowed them to alter the transaction details and redirect the funds to an address they controlled.
Immediate Aftermath: Panic and Withdrawals
The scale of the attack triggered panic among Bybit users, with over 350,000 clients rushing to withdraw funds. Bybit’s CEO Ben Zhou stated, “Bybit remains solvent even if the hack loss is not recovered; all client assets are 1:1 backed.” This reassurance was bolstered by the company securing loans to cover potential losses.
Who’s Behind the Attack? The Lazarus Group Connection
Immediately after the hack, blockchain analysts and firms such as Arkham Intelligence and Elliptic began investigating and identified links to the Lazarus Group, a notorious North Korean hacking organization. Their analysis found that the rapid movement of funds and the tactics used matched previous attacks associated with this group.
The Bybit hack raises serious questions about the security of cryptocurrency platforms. Even with advanced security measures, such as cold wallet storage, significant risks remain. Bybit is taking steps to bolster its defenses and recover the lost funds, but the incident has already impacted the entire cryptocurrency industry.