Bybit, a major cryptocurrency exchange based in Dubai, suffered an unprecedented security breach on February 21, 2025, losing approximately $1.5 billion in Ethereum. The attack, one of the largest in crypto history, exploited a vulnerability during a routine transfer from Bybit’s cold wallet to its hot wallet. Hackers manipulated the transaction process, seizing control of the cold wallet and moving funds to unknown addresses within minutes.
Bybit CEO Ben Zhou confirmed that 401,000 ETH had been stolen, amounting to roughly 70% of the exchange’s total Ethereum holdings. Despite the massive loss, Zhou reassured users that all client assets remained fully backed and withdrawals remained operational. To stabilize operations, Bybit secured a bridge loan from undisclosed partners to cover any unrecoverable losses.
Blockchain forensics firms Arkham Intelligence and independent researcher ZachXBT traced the stolen assets, linking the breach to North Korea’s Lazarus Group. The state-sponsored hacking collective has a history of targeting crypto platforms to fund North Korea’s regime, utilizing advanced laundering techniques to obfuscate fund movements. Analysts estimate that within the first 24 hours, the stolen funds had been moved across multiple wallets and partially liquidated.
The breach triggered a wave of panic withdrawals from Bybit, with users fearing potential insolvency. However, Zhou stated that outflows had stabilized within 48 hours and the exchange remained financially sound. Bybit is actively working with blockchain forensics teams and law enforcement to track and recover the stolen assets.
This attack underscores the persistent security risks within the crypto industry. The incident surpasses previous record-breaking hacks, including the $611 million Poly Network breach in 2021 and the $570 million Binance attack in 2022. Experts emphasize the urgency for stricter security measures and global collaboration to prevent future large-scale crypto heists.
.png)
0 Comments