
DPRK 'Lazarus' Group thought to be behind record hack, with Bybit losing Ethereum valued at $1.936 billion; bounty programme launched for stolen funds recovery

Source: Twitter-X live stream
Ben Zhou, Bybit. Source: Bybit live stream

Crypto exchange Bybit, which bills itself as the second largest in the world, was hacked over the weekend. Bybit has confirmed the hack, in which 401,346 units of the cryptocurrency Ethereum were taken.

As of writing, the Ethereum taken is valued at NZ$1.936 billion (US$1.46 billion). Bybit is now scrambling to recover what funds it can, with the exchange calling on cyber security and crypto analysts to help, promising a 10% reward on any funds recovered.

"... the contributors stand to share a bounty of potentially up to US$140 million in value in the scenario of a full recovery," the Dubai-based Bybit said.

Bybit co-founder Ben Zhou called the breach "the worst hack in history" on social media, but claimed the exchange was solvent.

Elsewhere, Bybit said it has received support from crypto-related entities that have blacklisted "exploit-related addresses, preventing unauthorised transfers". Blockchain analysis firm Chainalysis has also tracked the hackers' addresses to restrict their ability to launder the stolen crypto currency, Bybit said.

Bybit is promising a full incident report on the hack, with crypto community sleuth "ZachXBT" suggesting that North Korea's Lazarus Group is behind the breach, and is currently trying to move the stolen funds.

The Lazarus Group has been in existence for two and a half decades, and has strong links to the North Korean regime. It is believed to be behind several cyber attacks that have netted the pariah nation millions of dollars in foreign exchange. The hacking group is also blamed for the 2013 attack on Sony Pictures, and the global WannaCry ransomware malware deployment in 2017 that was thwarted by security researcher Marcus Hutchins.

Prior to the Bybit hack, the biggest breach involved Poly Network, with US$611 million taken. On LinkedIn, Tom Robinson, a researcher with crypto analytics firm Elliptic, speculated that the Bybit hack might not just be the biggest crypto hack ever, but the largest theft of any kind.

Robinson posted the below diagram to show the scale of the Bybit hack compared to many others in the past (amounts in US$).

Source: Tom Robinson


6 Comments

Ouch, at least a hacker cannot steal your house. Something to be said for "Actual" hard assets rather than "Fairy Dust".

Up
2

Bricks and mortar

Up
0

Ouch, at least a hacker cannot steal your house. Something to be said for "Actual" hard assets rather than "Fairy Dust".

This is true Z. Hard to put a house in your pocket. Your car could get stolen though. Or your wallet, mobile phone, electric bicycle.

In this situation, good to see assets backed 1:1 so Bybit customers are secure. All exchanges in Japan require 1:1 backing of customer assets. Far ahead of the regulatory game. 

Of course, if you custody your own coins instead of leaving them on an exchange, this is how an individual protects oneself. This should be near the top of any rules list taught to normies learning about the space.   

Up
0

This is an example why I personally don't invest in crypto, I just don't understand it enough, and I think very few can really say what the future holds. For example we are told Bitcoin is finite, why? Because there won't be any more made, it's too involved and expensive to make etc… There is absolutely no guarantee that computing technology advances won't change these expectations at all, or that a Bitcoin competitor can be made much more efficiently and cheaply in the future, a bit like Deepseek vs American AI. And then there is the minefield of keeping your crypto safe online. J.C. and Wolfie will tell you: "You just need to…" but I'm not at all convinced that "your" crypto is safe and secure now and in the future. If it goes missing, who is average Joe Bloggs going to sue? And in what country?

Up
3

Agree

Up
0

well well, well.....my,my,my.... who'd have thought that a crypto-currency  would......????

Now, back to more 'finite' subjects, would Juda or anybody else know whether the Friday stampede-like sell off of Spark shares upon Spark releasing its pessimistic prognosis could have been galvanised by Milford desperately trying to cut its losses on its mid-December purchase of approx 14 million Spark shares at a substantially higher price than Spark's Friday closing price?

 

Up
0