Crypto exchange Bybit suffered a hack, resulting in the theft of over $1.4 billion in assets on February 21. The incident marks the largest digital asset hack in the history of the crypto industry.
Bybit lost assets worth over $1.4 billion due to the cyberattack. The first to report the breach was ZachXBT, who, together with Arkham Intelligence analysts, identified North Korean hacker group Lazarus Group as the perpetrators. According to Cyvers, the attackers managed to alter the smart contract, gaining access to a cold multisig wallet that stored ERC-20 tokens.
Bybit CEO Ben Zhou promptly confirmed the incident. He also held an emergency online broadcast, during which he assured users that the exchange was still processing withdrawal requests. Within ten hours of the attack, Bybit successfully processed 99.9% of withdrawal requests, totaling over 350,000 requests and completing more than 580,000 transactions.
According to DefiLlama, since the incident, Bybit’s total asset value dropped by over $6.1 billion, including the stolen funds. However, an independent Hacken audit confirmed that Bybit’s reserves still exceed its liabilities, ensuring full coverage of user funds.
In response to the hack, major crypto exchanges and community representatives provided support to Bybit through emergency transfers:
- Binance sent 50,000 ETH;
- Bitget transferred 40,000 ETH;
- Du Jun, Co-Founder of HTX Group, allocated 10,000 ETH, among others.
Additionally:
- Tether froze 181,000 USDT linked to the stolen assets;
- Mantle, SEAL, and mETH teams facilitated the return of $43 million in stolen funds.
According to Ben Zhou, Bybit’s team fully replenished the reserve assets stolen by hackers. The exchange announced an ongoing investigation and will release a detailed report on the hack in the coming days. Furthermore, Bybit launched the Recovery Bounty Program, offering up to 10% of the stolen funds’ value to individuals who help recover the assets.
The previous largest security breach was the Ronin sidechain hack, where approximately $625 million was stolen. Analysts also linked that attack to the Lazarus Group hackers.
