In a shocking cyberattack that has rattled the cryptocurrency world, hackers stole approximately $1.5 billion worth of Ethereum from Dubai-based exchange Bybit on February 21, 2025. This is now the largest crypto theft ever recorded.
The attack targeted Bybit’s Ethereum cold wallet, a supposedly secure offline storage system. During a routine transfer from this cold wallet to a warm wallet for daily transactions, the hackers infiltrated the system.
Investigations reveal that the attackers compromised a developer’s machine linked to Safe, Bybit’s wallet provider, injecting malicious code into the transaction process. As a result, Bybit unknowingly authorized the transfer of 401,000 ETH to addresses controlled by the hackers.
Blockchain analysis firms Elliptic and Arkham Intelligence traced the hack to the Lazarus Group, a notorious hacking collective backed by North Korea. The FBI confirmed their involvement, linking the attack to the TraderTraitor malware campaign used by Lazarus to fund North Korea’s weapons programs.
Despite global efforts to track the stolen assets, the hackers have already laundered over $605 million, using sophisticated tactics to evade detection:
The FBI issued a warning to crypto platforms, urging them to block transactions linked to hacker-controlled wallets. A list of wallet addresses connected to the stolen funds was also published.
Bybit has assured users that withdrawals remain operational and that all customer assets are fully backed despite the loss. The exchange is working with law enforcement and blockchain analysts to recover the stolen funds.
Crypto security firms emphasize the need for a unified effort to track and seize the funds before they are fully laundered. Exchanges and blockchain networks are being urged to monitor suspicious transactions linked to the stolen ETH.
The attack exposes vulnerabilities in developer security, highlighting that the risks extend beyond just user accounts. This incident may prompt governments to tighten cryptocurrency regulations in an effort to prevent future large-scale hacks. In response to the breach, the market experienced significant volatility, with Bitcoin dropping over 5% and hitting a three-month low below $80,000.
As authorities intensify their investigations, the Bybit hack serves as a wake-up call for the crypto industry. Strengthening security, enhancing regulations, and increasing global cooperation will be crucial to prevent another record-breaking theft.
Trump’s media firm makes crypto ETF move
Secret service unveils crypto war room after $400M seizure
Robinhood rolls out tokenized stocks on layer-2 blockchain
Pompliano’s ProCap buys $386M in Bitcoin after $1B merger