Bybit Hack: $1.4B Stolen from World’s 2nd Largest Crypto Exchange

In a major cybersecurity incident, Bybit, the world’s 2nd-largest crypto exchange suffered a $1.4 billion ETH hack from a cold wallet breach.

Bybit, the world’s second-largest cryptocurrency exchange, has confirmed today that it suffered a major security breach resulting in the theft of approximately $1.4 billion worth of Ethereum. The stolen funds were taken from one of the exchange’s cold wallets, which are designed to store cryptocurrency offline and are generally considered highly secure.

Bybit CEO Ben Zhou addressed the situation in a statement, acknowledging the incident and confirming that the company is currently conducting a thorough investigation to determine the exact cause of the breach and the extent of the damage.

While the details of the attack remain undisclosed pending the investigation, Zhou reassured users that Bybit has the financial capacity to cover the losses and that customer funds remain safe. He emphasized that trading and other platform operations are continuing as normal.

Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss.

— Ben Zhou (@benbybit) February 21, 2025

The scale of the theft has, understandably, triggered widespread anxiety among Bybit users and the cryptocurrency market. Questions are being raised about how such a massive amount of cryptocurrency could be stolen from a cold wallet, which is typically isolated from the internet to protect against online attacks.

Questions are being raised regarding the potential involvement of sophisticated hacking techniques, insider threats, or a combination of both. The incident underscores the persistent security challenges facing the cryptocurrency industry, despite advancements in technology and security measures.

This massive hack comes at a time when the cryptocurrency market is already grappling with volatility and uncertainty. The news of the Bybit breach has further eroded investor confidence and has the potential to trigger a broader market downturn. The timing couldn’t be worse for Bybit, which has been striving to establish itself as a leading player in the competitive cryptocurrency exchange market.

****Involvement of the Lazarus Group****

According to ZachXBT, a crypto scam investigator, the hack has been linked to the notorious North Korean Lazarus Group, known for stealing Bitcoin on behalf of the government.

BREAKING: BYBIT $1 BILLION HACK BOUNTY SOLVED BY ZACHXBT

At 19:09 UTC today, @zachxbt submitted definitive proof that this attack on Bybit was performed by the LAZARUS GROUP.

His submission included a detailed analysis of test transactions and connected wallets used ahead of… https://t.co/O43qD2CM2U pic.twitter.com/jtQPtXl0C5

— Arkham (@arkham) February 21, 2025

Nevertheless, Bybit offers a vast selection of over 753 cryptocurrencies, including major ones like Bitcoin (BTC), Ethereum (ETH), Solana (SOL), and XRP. On top, over 40 million people use the exchange. Therefore, the investigation into the hack is expected to be complex and lengthy, involving cybersecurity experts and potentially law enforcement agencies.

The outcome of this investigation will not only impact Bybit’s reputation but also have significant implications for the future of cryptocurrency security and investor trust in the digital asset space. This incident clearly shows the risks of investing in cryptocurrency and why crypto exchanges require strong security measures.