Key Details:
-
Stolen: 400,000 ETH (~$1.5 billion)
-
Method: Smart contract spoofing during cold-to-warm wallet transfer
-
Perpetrator: North Korea’s Lazarus Group (confirmed by CipherTrace)
-
User Impact: Bybit claims no customer losses; reimbursements underway
-
Bigger Picture: Largest crypto hack since 2024’s $2 billion CoinEx breach
One of the biggest hacks in the history of cryptocurrency, worth $1.5 billion, has been confirmed by Bybit. On February 21, 2025, hackers transferred 400,000 Ethereum to anonymous addresses by taking advantage of a flaw in a multi-signature cold wallet.
CEO Ben Zhou emphasized Bybit's liquidity and prompt reaction while reassuring users that customer payments are safe. Emergency cash was obtained to maintain operations, and more than 70% of withdrawal requests were handled in a matter of hours.
Blockchain researchers connected the Lazarus Group in North Korea to the attack. Analysts caution that market instability may result from the recovery of the stolen Ethereum, which is currently dispersed among more than 40 wallets.
The hack has rekindled demands for improved security protocols and more stringent crypto laws. Bybit promised to reimburse all costs and is working with cybersecurity companies to trace the money. The event emphasizes how persistently dangerous advanced cyberattacks are in the cryptocurrency industry.
Updates to follow as investigations progress.
