Cryptocurrency exchange Bybit experienced a significant setback with a $1.4 billion hack on February 21, which contributed to a more than $5.3 billion decline in total assets. Despite this massive breach, independent audits have confirmed that Bybit’s reserves still surpass their liabilities, ensuring full protection for users’ funds.
The attack, the largest in the history of cryptocurrency theft, involved the theft of Ether and other tokens. Hackers, reportedly affiliated with the North Korean Lazarus Group, were able to exploit vulnerabilities in the system, specifically targeting Bybit’s Ethereum multisig cold wallet. According to Meir Dolev of Cyvers, the cold wallet was compromised through a deceptive transaction that tricked signers into approving malicious changes to smart contract logic, allowing hackers to transfer all ETH to an unknown address.
In response to the hack, Bybit’s team worked tirelessly through the night to process over 350,000 withdrawal requests, successfully completing 99.9% of them by 1:45 am UTC on February 22. The CEO, Ben Zhou, assured customers that all functions and products remain operational and that user funds are secure.
This incident underscores the persistent risk and vulnerability even well-secured cryptocurrency exchanges face. North Korean hackers, identified in several other major crypto thefts, continue to pose significant threats to the industry. In efforts to curb these cybercrimes, South Korea, along with the United States and Japan, recently sanctioned several North Koreans believed to be involved in generating funds through such heists.
