Cryptocurrency exchange Bybit faced a massive $1.4 billion loss due to a hack, reportedly associated with the Lazarus group.
Details of the Hack
The hack was a sophisticated attack involving manipulation of signers to unknowingly hand over control of the exchange's multi-signature cold wallet. Hackers extracted about 400k ETH from the compromised wallet, which was distributed in 10k ETH chunks to several addresses, later linked to the Lazarus group by on-chain detective ZachXBT.
Losses and Consequences
Following the hack, Bybit's Ethereum reserves fell from 443k ETH to around 39k ETH. This sparked fear among Bitcoin investors leading to the withdrawal of 713 BTC from the exchange. Bybit's Founder and CEO, Ben Zhou, reported an unprecedented number of withdrawal requests but assured they were all efficiently handled.
Attempts to Recover Funds
To manage the withdrawal pressure amid low Ethereum reserves, Bybit received Ethereum loans from Bitget and Binance, totaling over $170 million. Despite this, the exchange remains $1.2 billion short of the stolen funds. Bybit's CEO maintains that the exchange is solvent and can cover all user losses even if the stolen funds are not recovered. Notable figures like Samson Mow and Arthur Hayes are calling on Ethereum's founder, Vitalik Buterin, to roll back the chain to recover the funds; Buterin, however, has not yet responded.
The Bybit incident highlights the importance of security in the cryptocurrency world and sparks debate on potential measures to prevent similar occurrences in the future.
