A major breach rocked the cryptocurrency exchange Bybit on Friday when Lazarus, North Korea’s notorious hacking group, stole over $1.5 billion in Ethereum and derivative tokens.
The attack, which targeted Bybit’s cold wallet, has sent shockwaves through the crypto community as experts scramble to figure out how the hackers infiltrated the system and what risks remain for others.
Bybit’s CEO, Ben Zhou, confirmed the breach occurred during a routine transfer between wallets. However, the transaction was altered through sophisticated manipulation of the underlying smart contract, allowing the attackers to take control. Over 400,000 ETH, stETH, and other tokens were siphoned off to multiple undisclosed wallets. As is typical with Lazarus, the funds were split into various addresses and converted into Ethereum via decentralized exchanges.
The attack has raised alarms about potential weaknesses in Safe{Wallet}, a multi-signature platform used by Bybit and many other exchanges to improve transaction security. While Safe has denied any direct breach of its system, it has suspended certain features for safety reasons as Bybit investigates. The primary concern is that the hackers may have exploited vulnerabilities in the devices used by Bybit’s multi-signature signers, manipulating the displayed information to trick them into approving fraudulent transactions.
There’s growing speculation that the attack may have involved insider knowledge, as the level of sophistication required to compromise multiple devices and maintain secrecy is considerable. This follows a disturbing pattern observed in other attacks, such as those on Radiant Capital and WazirX, where attackers used similar tactics to infiltrate systems through deceptive interfaces or malware.
While the precise method of attack remains unclear, some experts believe the hackers may have used malware or phishing techniques to infiltrate devices and compromise the multi-signature signing process. This targeted approach has prompted calls for stricter security protocols, including hardware wallets that are isolated from the internet to prevent similar attacks.
As the investigation continues, security specialists warn that this attack is part of a broader trend of increasingly advanced and targeted threats. The crypto industry must be vigilant, as such attacks continue to evolve and pose serious risks to the safety of digital assets across the sector.