Cryptocurrency exchange Bybit recently disclosed that it fell victim to a sophisticated attack, resulting in the theft of over $1.46 billion in cryptocurrency from one of its Ethereum cold wallets, making it the largest single crypto heist on record.
According to Bybit, the incident occurred when the company’s ETH multisig cold wallet executed a transfer to its warm wallet, but the transaction was manipulated through a complex attack that altered the underlying smart contract logic while displaying the correct address. This allowed the attacker to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address.
A statement from Bybit’s CEO, Ben Zhou, emphasized that all other cold wallets are secure, and the company has reported the incident to the relevant authorities.
While Bybit has not officially confirmed the identity of the attacker, independent researchers, including Elliptic and Arkham Intelligence, attribute the digital theft to the infamous Lazarus Group, a North Korea-based threat actor known for its involvement in numerous high-profile cryptocurrency heists.
The incident surpasses previous record-breaking cryptocurrency heists, including the Ronin Network ($624 million), Poly Network ($611 million), and BNB Bridge ($586 million) hacks. Independent researcher ZachXBT has connected the Bybit hack to the Phemex hack, which occurred late last month.
The Lazarus Group is considered one of the most prolific hacking groups, responsible for dozens of cryptocurrency heists aimed at generating illicit revenue for the sanctions-hit nation. In 2024, the group is estimated to have stolen $1.34 billion across 47 cryptocurrency hacks, accounting for 61% of all ill-gotten crypto during the time period, according to blockchain intelligence firm Chainalysis.
Google-owned Mandiant notes that cryptocurrency heists are on the rise due to the lucrative nature of their rewards, the challenges associated with attribution to malicious actors, and the opportunities presented by nascent familiarity with cryptocurrency and Web3 technologies among many organizations.
