Dubai-based cryptocurrency exchange Bybit has successfully closed a $1.5 billion (€1.4 billion) shortfall following what researchers have described as the largest crypto heist in history.
The company confirmed that an attacker gained access to its Ethereum wallet on 21 February during a routine transfer from an offline “cold” wallet to an online “hot” wallet. The stolen funds were then moved to an unknown address.
Bybit announced on X (formerly Twitter) that it immediately locked down its systems, secured remaining assets, and collaborated with cybersecurity specialists to address the breach. The exchange also offered a 10% bounty to security experts who could help recover the stolen funds, potentially amounting to $140 million (€134 million).
Swift Industry Response Aids Fund Recovery
The cryptocurrency community responded rapidly to assist Bybit in mitigating losses. Crypto platforms and brokerages froze over $42.89 million (€41 million) in suspicious transactions linked to the hack.
Blockchain analysis platform Lookonchain reported that Bybit secured approximately 446,870 Ethereum (€1.17 billion) through loans, whale deposits, and asset purchases in the wake of the attack. An independent audit confirmed that the company had successfully closed the asset gap within 72 hours, thanks to support from industry partners.
Bybit praised the collective effort, stating that the “unprecedented show of solidarity” not only reinforced its resilience but also laid the groundwork for stronger industry-wide security measures.
North Korea’s Lazarus Group Suspected
Blockchain intelligence firm Elliptic, which is assisting Bybit in recovering the stolen assets, suggested that the attack may have been orchestrated by North Korea’s Lazarus Group. The organization, notorious for cybercrimes targeting the cryptocurrency sector, has been linked to multiple high-profile hacks.
Elliptic’s report indicated that the attackers began laundering the stolen funds almost immediately, exchanging the looted tokens for Ethereum. “Hundreds of millions of dollars in stolen tokens were swiftly converted to Ether,” the firm stated.
The Lazarus Group is known for employing a method called “layering” to obscure the stolen funds. This process involves distributing assets across numerous crypto wallets to complicate tracking efforts. According to Elliptic, the stolen funds were moved across 50 different wallets, and as of 24 February, around 14.5% of the assets—worth approximately $195 million (€187 million)—had already been withdrawn from these wallets.
Largest Crypto Heist on Record
The attack on Bybit dwarfs previous cryptocurrency heists, including the 2021 Poly Network breach, in which hackers stole $611 million (€587 million) before returning most of the funds.
The latest theft adds to mounting concerns over security in the cryptocurrency sector. Reports indicate that cybercriminals stole over $2 billion (€1.9 billion) from crypto exchanges in 2024 alone.
Euronews Next reached out to Bybit for further updates on the investigation and the recovery efforts, but no immediate response was received.
