Bybit Hack: $1.5 Billion Stolen in Crypto’s Biggest Cyber Attack

The Bybit Hack cryptocurrency exchange, one of the largest trading platforms in the world, has been hit by a massive $1.5 billion hack. According to an independent investigation, the cyberattack has been linked to the notorious Lazarus Group, a North Korea-backed hacking organization known for targeting financial and cryptocurrency platforms.

How the Bybit Hack Happened

On February 21, 2025, Bybit detected unauthorized transactions in its Ethereum cold wallets during a routine transfer. The exchange immediately flagged the suspicious activity and later confirmed that over 400,000 ETH and stETH tokens worth $1.5 billion had been moved to an unknown wallet.

Soon after, blockchain security expert ZachXBT launched an investigation and discovered that the stolen funds were connected to previous crypto hacks involving Phemex and BingX exchanges. These incidents were also attributed to Lazarus Group, which has a history of using advanced cyber techniques to exploit security flaws in the crypto industry.

Blockchain Analysis Confirms Connection to Lazarus Group

The findings were later confirmed by Arkham Intelligence, a leading blockchain forensics firm. They verified that the hackers had conducted small test transactions before the main attack to ensure that their method would work without triggering security alarms.

By analyzing blockchain transactions, experts were able to identify:

• Clusters of wallets controlled by the same hackers
• Timing correlations between the test and actual transactions
• Patterns matching previous Lazarus Group Bybit hacks

These findings left little doubt that the Bybit attack was another Lazarus Group operation.

How Did Hackers Access Bybit’s Cold Wallets?

Security expert Santiago Pontiroli explained that the hackers used an advanced deception technique to gain access to Bybit Hack cold wallets. Instead of launching a direct attack, they:

1. Altered the smart contract logic behind the transactions.
2. Masked the interface shown to Bybit’s security team.
3. Redirected the funds to a hacker-controlled wallet.

In simple terms, the hackers tricked Bybit Hack system into approving the transfer, making it look like a routine transaction when it was actually sending funds to the attackers.

Bybit’s Response to the Hack

Despite the massive loss, Bybit reassured users that:

• Withdrawals and trading services remain fully operational.
• 70% of withdrawal requests have already been processed.
• Bybit has enough assets ($20 billion in AUM) to cover the loss.
• A bridge loan will be used if necessary to ensure all user funds are available.

The exchange is now working with blockchain forensic experts to trace the stolen funds and find ways to recover them.

Why This is the Biggest Crypto Heist Ever

This attack is being called the largest crypto hack in history. It has exposed major security flaws in even the biggest cryptocurrency platforms, raising concerns about:

• How safe are centralized exchanges?
• Are cold wallets really secure?
• What new tactics are hackers using to steal crypto?

The Lazarus Group has been behind several high-profile crypto heists, using:

• Phishing scams to steal login credentials.
• Malware attacks targeting crypto wallets.
• Blockchain manipulation to bypass security.

As hackers become more advanced, crypto exchanges must upgrade their security to prevent such massive losses.

What Crypto Traders Should Do Now

This attack is a wake-up call for all crypto traders and investors. Here’s how you can protect your digital assets:

1. Use a hardware wallet – Never store large amounts of crypto on an exchange.
2. Enable multi-factor authentication (MFA) – Adds extra security to your account.
3. Monitor your transactions – Regularly check for unusual activity.
4. Be cautious with links and emails – Avoid phishing scams.
5. Use strong, unique passwords – Change them regularly.
6. Follow blockchain security updates – Stay informed about potential threats.

What’s Next for Bybit?

Bybit has promised to strengthen its security and work with authorities to track the stolen funds. However, this hack has shaken confidence in centralized exchanges, leading many traders to explore decentralized alternatives for added security.

The crypto industry is growing fast, but so are the risks. This incident proves that stronger security measures are needed to protect users from sophisticated cyberattacks.

For now, Bybit remains operational, but crypto users must stay vigilant and take extra steps to safeguard their assets.

Bookmark Hyper DAF and follow us on Twitter (X), Telegram, and Facebook to receive upcoming airdrops and news updates on time.

Read this article also: How to Earn Money with Warpcaster A Complete Guide