North Korean-linked Lazarus group dominated the headlines once again after the $1.5 billion hack on renowned cryptocurrency exchange, Bybit. The attack represents the biggest heist the virtual assets market has ever endured.
The aftermath of this attack has impacted the market heavily causing major cryptocurrencies to crash. Ethereum suffered the biggest casualties owing to how the hackers targeted the Bybit cold wallet containing ETH ($2,227.92) belonging to customers.
Further, the eye-catching loot raised questions about the vulnerabilities of crypto exchanges to cyber attacks. Critics raised concerns about how North Korea is using the proceeds from the hacking spree to fund its missile program.
They pointed out how crypto is indirectly funding the development of weapons that are dangerous to human existence. Amidst the whole chaos, the hack made a huge dent on Bybit’s reputation, casting doubts over its future.
Timeline Of The Bybit Hack
On February 21, 2025, Bybit suffered a malicious attack that resulted in the theft of about $1.5 billion worth of ETH. As revealed, the hackers managed to take over a Safe developer’s computer to manipulate the Safe UI built for Bybit transactions.
By that, the attackers tricked signatories to one of the exchange’s cold wallets into approving the transfer of 401,000 ETH which is valued at $1.5 billion then. Thereafter, the bad actors moved their loot across various wallets to conceal the flow of the transactions.
Additionally, they went on to convert the tokens to BTC ($84,001.82) and DAI ($1.00) before transferring them using various decentralized exchanges, cross-chain bridges, and swap services. A significant portion of the funds were moved to non-active addresses, a move that further strengthened links to the involvement of the Lazarus group.
The North Korean hackers are unpopular in the cryptocurrency space for their hefty heist on projects within the sector. According to Elliptic, the group has stolen more than $6 billion from cryptocurrency and blockchain projects since 2017.
Similarly, in 2023, the hackers gained about $660.5 million worth of digital assets from 20 attacks. The following year, the figure skyrocketed by 102% as the syndicate ripped $1.34 billion through 47 incidents.
Hence the latest attack on Bybit already surpassed all the funds the North Korea-affiliated group stole from the industry in 2024. The attack pushed various crypto companies on their toes, compelling them to step up their security mechanism.
Recently, the United States Federal Bureau of Investigation (FBI) urged market participants to block every loophole the hackers may use to launder the money.
What is Next?
Following the attack, the CEO of Bybit, Ben Zhao declared war on the group. Through a post on X, the CEO launched a bounty program that offers a 5% reward on every fund participants manage to freeze from the stolen funds.
More so, Zhao said recovery above $140 million will fetch white hat hackers a 10% return. The CEO vowed that the exchange won’t relent until the bad actors are evicted from the industry. As of February 26, 2025, the syndicate has laundered more than $335 million from the stolen funds.
Likewise, Bybit managed to mitigate the risk of the attack by raising enough funds to match the stolen assets, allowing customers to withdraw their assets. Zhao in a separate post confirmed that Bybit, despite the attack, remains solvent.
In less than a few hours after the attack, Bybit managed to raise about 447,500 ETH through loans from Galaxy Digital, FalconX, and Watermute. An external audit of the exchange’s reserve reveals that Bybit holds more than enough BTC and ETH to cover users’ deposits.
The exchange has steadied on a recovery path after the attack and things seem to be going fine. Nevertheless, Zhao remains committed to reclaiming the stolen funds from the group.
Parting Words
As the impact of the hack lingers on the broader cryptocurrency market, Bybit remained active in operation, allowing users to access their funds. The swift support of other cryptocurrency companies made the recovery possible, reducing the impact of the attack on the industry.
However, the Bybit hack is a notable setback for the industry considering its growing exposure to mainstream investors. The attack is a pointer to the need for improved security in the digital assets sector.
Read More :
- How LIBRA with the support of Argentina’s president stole $4.4 billion from investors
- What’s driving the controversy around the Coinbase listing process
- What are AI agent coins?
The post What’s next for Bybit after the historic $1.5 billion hack? appeared first on BinBits.
