Hackers responsible for the Bybit exchange breach successfully laundered 499,000 $ETH ($1.39 billion) through THORChain. The FBI officially confirmed North Korea's involvement in this hacking incident.
FBI Confirms Hack Involvement
The Federal Bureau of Investigation (FBI) officially linked the Bybit hack to North Korea on February 26, 2025. The announcement indicated that cyber actors known as TraderTraitor were responsible for the heist on February 21, 2025. The FBI revealed that part of the stolen ETH was converted into Bitcoin and other cryptocurrencies.
How the Bybit Hack Happened
Bybit confirmed that the hack occurred during a routine transfer of Ethereum from an offline 'cold' wallet to a 'warm' wallet for daily trading. The attacker exploited security vulnerabilities during this process, gaining access to the funds and transferring them to an unknown address. Bybit's CEO, Ben Zhou, assured that all client assets remain safe and the exchange covers any unrecovered losses.
Efforts to Recover Stolen Funds
Bybit is actively working to recover stolen assets, calling on cybersecurity experts and blockchain analysts for assistance, offering a 10% bounty on recovered funds—potentially worth $140 million. The FBI, alongside firms like Elliptic and TRM Labs, has flagged over 11,000 wallet addresses linked to the attack, confirming the attackers' operational efficiency.
The Bybit incident highlights the vulnerability of cryptocurrency platforms to cyberattacks and the need to enhance security measures. It also raises concerns about North Korean cyber operations targeting the crypto sector.
