Cryptocurrency exchange Bybit became the latest victim of a major cyberattack, marking what appears to be the largest crypto hack in history. The breach, which resulted in the theft of approximately $1.4 billion in Ethereum (ETH), has sent shockwaves through the cryptocurrency industry and reignited concerns about the vulnerabilities even top-tier exchanges face in securing digital assets.
Early reports indicate that the attack was carried out using sophisticated social engineering techniques aimed at Bybit employees. Blockchain analysis firm Chainalysis revealed that the hackers initiated the attack by targeting cold wallet signers with phishing tactics, ultimately tricking them into signing malicious transactions. These transactions replaced the company’s multi-signature wallet contract with a malicious version, allowing the hackers to gain control over the assets.
Once the hackers took control, they intercepted a routine transfer from Bybit’s cold wallet to its hot wallet, rerouting the 401,000 ETH to their own address. The stolen funds were then moved through a series of intermediary wallets to obscure the origins of the illicit transactions.
Blockchain intelligence company Elliptic further disclosed that the stolen assets, which included staked Ethereum (such as stETH, cmETH, and mETH), were quickly converted into ETH using decentralized exchanges. This is a common tactic used by the Lazarus group, a North Korea-linked hacking collective known for its large-scale crypto thefts, which have reportedly totaled over $6 billion since 2017. Lazarus is known for its use of complex laundering strategies, and according to blockchain investigator ZachXBT, the attack was linked to the group.
Approximately $75 million worth of the stolen assets were laundered through the decentralized platform eXch, which, despite Bybit’s request, declined to block the transactions. As of now, Bybit has managed to freeze around $40 million of the stolen funds, according to Cybernews. The exchange has also offered a 10% reward to anyone who can help trace the remaining stolen crypto.
The breach highlights the ongoing security risks in the crypto space, with experts urging enhanced safeguards against such attacks, particularly those involving social engineering tactics.