Catenaa,Monday, February 24, 2025 – Lazarus Hackers stole approximately $1.5 billion in cryptocurrency from Bybit, marking the largest-ever theft in the industry, the digital asset exchange confirmed Friday.
Bybit CEO Ben Zhou disclosed that Ethereum coins were drained from the company’s offline “cold” wallet, which is typically considered more secure than online storage. “As far as we know, this could be the largest hack in the history of our industry,” Zhou said in a live-streamed update.
Meanwhile, Arkham Intelligence identified North Korea’s Lazarus Group as the culprit behind a $1.5 billion hack of cryptocurrency exchange Bybit.
Citing online sleuth ZachXBT’s analysis, Arkham pointed to evidence including transaction analysis and wallet connections.
Following the breach, users rushed to withdraw funds, though the outflow had slowed, Zhou noted. Bybit is securing a bridge loan from partners and pledged to reimburse customers for any unrecoverable assets.
Arkham Intelligence, a blockchain analytics firm, reported that approximately $1.36 billion in Ethereum was tracked leaving Bybit and being swiftly sold through multiple accounts.
The attack is a major setback for the crypto sector, which has experienced renewed momentum amid expectations that the Trump administration may adopt a more favorable stance toward digital assets.
Bybit later announced a bounty program offering 10% of recovered funds, potentially totaling $140 million.
They encourage those with recovery expertise to contact bounty_program@bybit.com.
This comes after Arkham awarded ZachXBT $34,000 for identifying Lazarus Group as the hackers.
Cryptocurrency exchanges have long been vulnerable to large-scale thefts. In 2011, Mt. Gox, then the leading Bitcoin exchange, lost 25,000 coins worth $470 million. Binance also suffered a $570 million loss in October 2022 due to a smart contract vulnerability.
Zhou stated that Bybit is investigating the breach but has yet to determine how its security protocols were bypassed.
