Crypto exchange Bybit announced enhanced security measures following a February 2025 hacker attack, which became the largest in terms of stolen funds in the history of the crypto industry.
Bybit, the world’s second-largest crypto exchange by trading volume, completed a comprehensive review of its cybersecurity systems. These steps were taken in response to the February 2025 breach, which resulted in record losses due to a vulnerability in a third-party multisignature service.
Bybit’s infrastructure wasn’t compromised during the attack, but the leadership decided to strengthen protections. In the month following the incident, Bybit conducted nine internal and independent security audits. As a result, over 50 new measures were implemented, including revised operational procedures, access management, and data protection at all levels.
Specifically, the company strengthened cold wallet protection. New Operational Security Procedures (OSP) were introduced, requiring security expert oversight for all operations. The exchange also implemented a multi-party computation (MPC) model to eliminate single points of failure and integrated hardware security modules (HSM) to ensure maximum hardware-level protection.
Bybit’s infrastructure now complies with the ISO/IEC 27001 standard. All internal and external communications are encrypted end-to-end, including services not directly interacting with clients. Server data is encrypted at rest, and file systems are optimized for secure data storage.
The Lazarus Bounty platform, launched by Bybit to trace stolen assets, already distributed over $2.3 million in rewards.
The press release also notes that despite the scale of the attack, the exchange didn’t suspend operations and processed a record volume of withdrawals within the first 12 hours. Client assets remained protected, and the losses were covered by the company.
According to analytics firm Kaiko, Bybit restored liquidity within 30 days of the attack and regained its lead in capital inflow among CEXs in March. Additional reserve audits further boosted user trust. Ben Zhou, CEO and Co-Founder of Bybit, emphasized that in the face of growing cyber threats, the exchange team reinforced every component of its security infrastructure to meet user expectations.
On February 21, 2025, crypto exchange Bybit suffered a cyberattack resulting in the theft of over $1.4 billion in assets, the largest hack in the history of the crypto industry.
