Bybit Hacked and Loses USD 1.5 Billion Worth Ethereum: Lazarus Group Held Responsible for the Attack
The Dubai-based crypto exchange – Bybit has become a victim to one of the largest digital currency hacks in history. North Korea’s Lazarus Group is being held responsible for this attack. USD 1.5 billion worth of Ethereum was lost as part of it.
Read more about it below.
Bybit Loses 400,000 Ethereum Worth USD 1.5 Billion in Recent Cyberattack
As reported, Bybit was hacked and became a victim of a cyberattack on the 21st of February 2025, which has led to the loss of 400,000 Ethereum (ETH) worth USD 1.5 billion. Making use of advanced security breach methods, it is suspected that the Lazarus Group has conducted this cyberattack on Bybit.
Speaking more, the Lazarus Group is considered to be a state-backed hacking group with the North Korean government funding and directing its cyberattacks. Billion dollar heists across multiple financial systems like banks, crypto platforms, DeFi protocols have been targeted and attacked by the group. USD 625 million from Axie Infinity (Ronin Bridge), USD 230 million from WazirX, USD 100 million from Harmony Bridge, USD 100 million from Atomic Wallet, and USD 41 million from Stake are few of its previous financial heists. To add, Park Jin Hyok, Kim IL, and Jon Chang Hyok are the key members (all wanted by the FBI), and the Lazarus Group is said to be funding North Korea’s military.
In the recent cyberattack against Bybit, Park Jin Hyok is believed to have been the mastermind, and to note this is the same person who was behind the WannaCry ransomware that hit 150+ countries earlier. The US and South Korea have tracked him and his activities for years and despite possessing ample evidence, North Korea simply denies his existence.
About the Bybit cyberattack, hackers had cloned Bybit’s signing interface and the contract was secretly altered to provide full access. As the transaction appeared to be legitimate without the presence of any immediate red flags during the approval stage, signers approved it, which led to the contract being rewritten. The entire wallet was taken over by hackers, and the Bybit cold storage became under their control. To say in other words, the security team itself unknowingly gave hackers the authorization for the breach. The stolen Ethereum or ETH was then divided and separated into 53 wallets, making the tracing process difficult.
As of now, Bybit has to recover the stolen ETH worth USD 1.5 billion, and for this the company is borrowing funds instead of repurchasing. This approach leads to a gradual sell off of ETH, thereby eliminating any bullish momentum. Affected users are promised refunds, and all they have to do is contact and inform Bybit of it. With respect to this recent cyberattack, it is best advised to not just diversify holdings, but also to spread funds across multiple wallets and exchanges to be safer.
