Bybit Hack: How a Hacker Group Stole $1.5B in Crypto

Bybit Hacked: How North Korea’s Lazarus Group Pulled Off the Biggest Crypto Heist Ever

The cryptocurrency world was shaken recently when Bybit, one of the largest crypto exchanges, was hacked. Cybercriminals managed to steal approximately 401,000 ETH, worth $1.5 billion, in what is now the biggest crypto heist in history.

 

According to reports from Reuters, The Guardian, and Chainalysis, the FBI has officially linked the attack to North Korea’s Lazarus Group—a notorious hacking organization known for stealing cryptocurrency to fund the country’s weapons program.

 

This article breaks down how the hack happened, who was behind it, and what it means for the future of crypto security.

How Did the Bybit Hack Happen?

Bybit was hacked on February 21, 2025, during a wallet transfer from its cold storage (offline) to a warm wallet (online and used for daily transactions).


During this process, hackers exploited a vulnerability, making the transfer look like a legitimate transaction while diverting the funds to their own wallets.

The Attack Method

According to blockchain security firm Chainalysis, the hackers:

  1. Infiltrated Bybit’s System – They took advantage of a flaw in the transfer process that allowed them to manipulate transactions.
  2. Bypassed Security Layers – They made the transaction appear normal while actually sending the funds to multiple unknown wallets.
  3. Laundered the Funds – The stolen ETH was quickly spread across various blockchain addresses and converted into Bitcoin and other assets to make tracking more difficult.

Who is Behind the Hack?

North Korea’s Lazarus Group

The FBI identified North Korea’s Lazarus Group as the mastermind behind this attack.


Lazarus Group is a state-sponsored hacking unit known for targeting financial institutions, crypto exchanges, and blockchain projects to steal funds for North Korea’s nuclear weapons program.

Past Crimes by Lazarus Group

The Bybit hack is not their first major crypto theft. Some of their biggest heists include:


  • Ronin Bridge Hack (2022) – $625 million stolen from Axie Infinity.
  • Horizon Bridge Hack (2022) – $100 million stolen from Harmony.
  • CoinEx Hack (2023) – $70 million stolen from the exchange.

How They Use Stolen Crypto

The stolen funds are believed to be used to fund North Korea’s missile and weapons programs. Since sanctions prevent North Korea from accessing global financial markets, the country has turned to hacking as an alternative revenue stream.

Bybit’s Response: What’s Being Done?

1. Customer Funds Are Safe
Bybit’s CEO Ben Zhou reassured users that all customer funds are backed 1:1 and that the exchange remains solvent.


2. $140 Million Bounty
Bybit has announced a $140 million bounty for anyone who can help recover the stolen funds.


3. Blockchain Investigations
Bybit is working with blockchain security firms like Chainalysis to track the stolen funds and freeze suspicious transactions.


4. Increased Security Measures
To prevent future attacks, Bybit has tightened security, including:

  • Stricter wallet transfer protocols
  • More frequent security audits
  • Enhanced fraud detection systems

What Does This Mean for the Crypto Industry?

1. Crypto Hacks Are Becoming More Sophisticated
This attack shows that even the biggest exchanges are vulnerable. Crypto exchanges must continuously upgrade their security to stay ahead of hackers.


2. The Importance of Cold Wallets
Since this attack happened during a wallet transfer, it reinforces the idea that cold wallets (offline storage) are the safest way to store crypto assets.


3. Governments May Enforce Stricter Regulations
As crypto crimes continue to rise, governments worldwide may introduce stricter regulations for exchanges to prevent future hacks.


4. Users Must Be More Cautious
Crypto investors should always:
✔ Use reputable exchanges with strong security
✔ Store long-term holdings in cold wallets
✔ Keep track of exchange security updates

Final Thoughts

The Bybit hack is a wake-up call for the crypto industry. Even top exchanges can be targeted, and state-sponsored hackers like Lazarus Group are becoming more dangerous. While Bybit has assured users that funds are safe, this incident highlights the risks of centralized exchanges and the need for stronger security. As investigations continue, the crypto community will be watching closely to see if Bybit can recover any of the stolen funds and what security measures will be put in place moving forward.

