Cryptocurrency exchange Bybit has been struck by cybercriminals, resulting in the theft of digital assets valued at $1.5 billion and potentially marking the largest cryptocurrency theft to date.
The cyberattack targeted Bybit’s cold wallet, an offline storage system designed to ensure a high level of security for digital assets. The stolen funds, primarily in Ether, were moved across a series of wallets and subsequently liquidated via various platforms.
“Please rest assured that all other cold wallets are secure. All withdrawals are NORMAL,” Bybit’s CEO, Ben Zhou, issued a statement on X.
Blockchain analysis firms, including Elliptic and Arkham Intelligence, have been tracking the movement of the stolen cryptocurrency as it was transferred to different accounts and quickly sold off.
Elliptic has stated that this cyber theft surpasses previous incidents in the sector, exceeding the $611 million pilfered from Poly Network in 2021 and the $570 million in Binance’s BNB token stolen in 2022.
Analysts at Elliptic have suggested a connection between the cyberattack and North Korea’s Lazarus Group, a hacking group with links to the state, known for extracting billions of dollars from the cryptocurrency industry. This group is notorious for exploiting security vulnerabilities to generate revenue for North Korea, often employing sophisticated methods to conceal the movement of funds.
The Lazarus Group has a history of targeting cryptocurrency platforms, with an incident dating back to 2017 involving the infiltration of four South Korean exchanges and the theft of $200 million in Bitcoin. Law enforcement agencies and cryptocurrency tracking firms are collaborating to trace the stolen assets.
The breach led to a surge of withdrawal requests from Bybit, driven by user concerns about potential insolvency. Meanwhile, Zhou already confirmed that outflows had stabilised. He also stated that Bybit had obtained a bridge loan from undisclosed partners to cover any unrecoverable losses and continue day-to-day operations.