Bybit Loses $1.46 Billion in Major Hack Linked to Lazarus Group
On February 21, 2025, Bybit's Ethereum cold wallet was hacked, leading to a theft of $1.46 billion. This incident ranks among the largest crypto heists in history. The attackers used a "masked" transaction method and a fake Safe wallet interface to deceive Bybit's security team.
The FBI has confirmed that the attack is linked to the Lazarus Group. In response, Bybit’s CEO Ben Zhou announced a "war" against these hackers.
Lazarus Group Overview
Lazarus Group is a North Korean state-sponsored hacking collective, active since 2009. Its leader, Park Jin Hyok, has been implicated in significant cyber intrusions.
- First attacks targeted South Korean government resources in 2009.
- Operates with presumed state backing from North Korea.
- Members may be located outside North Korea, including in China.
Notable Attacks
- Sony Pictures hack (2014): Shut down the company and leaked employee data.
- Bangladesh Central Bank heist (2016): Stole $81 million via SWIFT.
- WannaCry ransomware (2017): Infected over 300,000 computers globally.
Crypto Thefts
Lazarus Group has targeted various cryptocurrency platforms since at least 2017:
- 2017-2018: Stole $882 million from 14 exchanges.
- 2022: Hacked Ronin sidechain, stealing $620 million.
- 2022: Took $200 million from Horizon Bridge and Atomic Wallet.
- 2017-2022: Total estimated crypto theft reached $3 billion.
- 2023: Stolen crypto amounted to at least $600 million.
- 2024: Total stolen crypto hit $1.34 billion.
- 2025: The recent Bybit hack resulted in a $1.46 billion theft.
Implications
The United Nations reports that North Korea may use stolen crypto for its nuclear and missile programs. The Bybit hack highlights vulnerabilities even in major exchanges, impacting the overall reputation of the crypto industry.