Bybit Confirms $1.5 Billion Hack Linked to North Korean Lazarus Group
Bybit confirmed a major security breach involving its Ethereum cold wallet, resulting in estimated losses exceeding $1.5 billion. This incident is one of the largest hacks in cryptocurrency history.
Details of the Breach
- The hack occurred during a transfer from Bybit's ETH multisig cold wallet to a warm wallet.
- The attacker used sophisticated manipulation to mask the transaction process.
- The underlying smart contract logic was altered while displaying the correct wallet address.
Connection to Lazarus Group
- On-chain market intelligence firm Arkham Intelligence linked the hack to North Korea's Lazarus Group.
- Crypto analyst ZachXBT provided evidence, including test transactions and forensic charts, aiding Bybit's investigation.
Estimated Losses
- Approximately 401,347 ETH, valued at around $1.12 billion, were withdrawn.
- Other assets lost include:
- 90,376 stETH worth $253.16 million
- 15,000 cmETH valued at $44.13 million
- 8,000 mETH totaling $23 million
- Total estimated loss stands at approximately $1.44 billion.
Bybit has activated its security team and is collaborating with blockchain forensic experts to investigate further. The exchange is also seeking assistance from other teams specializing in blockchain analytics and fund recovery.
Following the breach, ETH's price retraced by 4%, moving towards $2,640.