On February 21st, the largest hack in the history of cryptocurrency exchange Bybit occurred. The North Korean Lazarus Group stole assets worth $1.4 billion, causing significant damage to the industry. This article discusses the events surrounding the attack and how the exchange and the industry as a whole responded to the incident.
Bybit Hack Unfolds: How Funds Were Stolen
The hack was first detected by an analyst named ZachXBT, who alerted platforms and exchanges to blacklist addresses linked to the attack. Bybit co-founder and CEO Ben Zhou confirmed the hack and started providing updates and information on the extent of the breach. According to a Chainalysis investigation, the attack was initially believed to be conducted through phishing to access exchange funds, but it later emerged that hackers gained control of a Safe developer's computer instead of Bybit's systems.
Bybit's Response and Industry Support
The exchange quickly assured users that its remaining wallets were secure and continued operation without disruptions. Several hours after the hack, over 70% of withdrawal requests were processed, as confirmed by statements from Ben Zhou. The decentralized finance platform Ethena confirmed its stablecoin USDe's solvency despite a $30 million overexposure through Bybit's financial derivatives.
Consequences and Ongoing Efforts
Despite the mass withdrawal requests, audits showed that the exchange's reserves still exceeded liabilities. The Lazarus Group continued activity, moving funds through a network of wallets. Various exchanges and platforms began freezing funds connected to the hack. Bybit also launched a bounty program offering up to 10% rewards from recovered funds.
While Bybit has managed to restore its reserves, the hack highlighted vulnerabilities in the blockchain industry. It underscores the need for more effective security measures and the collective response of the crypto community to threats from hackers like the Lazarus Group.
