Dubai-based cryptocurrency exchange Bybit has suffered what is believed to be the largest crypto hack in history, with hackers stealing approximately $1.5 billion worth of Ethereum (ETH) from the platform’s cold wallet. The incident has sent shockwaves through the crypto world, sparking panic among users and raising urgent questions about digital asset security.
Bybit confirmed that the hack occurred during a routine transfer of Ethereum from a cold wallet — an offline storage system meant to protect against cyberattacks — to a warm wallet used for daily trading. However, hackers exploited a security loophole, gaining control of the wallet and transferring its contents to an unknown address.
As Business Insider reported, the attack compromised around 401,000 ETH, leaving the crypto community stunned. CEO Ben Zhou explained that the manipulation happened through a sophisticated attack, altering the smart contract logic while displaying the correct address — a tactic designed to bypass security checks.
Following the hack, Bybit quickly reassured its 60 million users that their funds were safe, emphasizing that client assets are “1 to 1 backed.” Zhou posted on X (formerly Twitter) “Bybit is solvent even if this hack loss is not recovered. All client assets are 1:1 backed, and we can cover the loss.”
The company, which holds over $20 billion in customer assets, promised to refund affected users, regardless of whether the stolen funds are recovered.
News of the hack triggered a surge in withdrawal requests, with over 350,000 users rushing to withdraw their funds — amounting to more than $4 billion in additional withdrawals. This brought the total outflow to a staggering $5.5 billion.
To make matters worse, Bybit faced a significant hurdle when Safe, a decentralized custody protocol, temporarily suspended its smart wallet functionality to investigate potential vulnerabilities. This left Bybit unable to access $3 billion in USDT reserves stored in its cold wallets.
Zhou revealed that Bybit’s team had to develop new software, manually verify signatures, and work overnight to process pending withdrawals. Eventually, they managed to withdraw the $3 billion locked in Safe wallets and move the funds to alternative storage solutions.
Blockchain analysts quickly pointed to the notorious North Korean hacking group, Lazarus, as the likely culprit. The group has a dark history of targeting digital asset platforms, allegedly using stolen crypto funds to support Pyongyang’s nuclear program.
Crypto intelligence firm Arkham and blockchain investigator ZachXBT have been actively tracing the stolen funds, with Arkham offering a $50,000 bounty to ZachXBT for his work. If the Lazarus Group’s involvement is confirmed, North Korea could become one of the largest holders of Ethereum — potentially surpassing even Ethereum’s co-founder, Vitalik Buterin.
Some in the crypto community floated the radical idea of reversing the Ethereum blockchain to retrieve the stolen funds. BitMEX co-founder Arthur Hayes even suggested a possible rollback. Bybit confirmed it had reached out to Vitalik Buterin and the Ethereum Foundation to discuss options.
However, Zhou admitted that a rollback was unlikely due to Ethereum’s decentralized nature, stating “It’s not a one-man decision. It should be up to the community.”
Experts warn that such a rollback would trigger a contentious hard fork, risking the network’s integrity and shaking investor confidence.
The scale of the Bybit hack is expected to draw intense regulatory scrutiny. The exchange has already faced legal challenges in multiple countries, including India, where it was penalized for anti-money laundering violations, and France, where it was only recently removed from a financial blacklist.
The incident also rattled the broader cryptocurrency market. Ethereum’s price dropped nearly 4% following the news but has since stabilized.
Despite the chaos, Bybit’s swift crisis management earned praise from some industry observers. Casey Taylor wrote on X “Bybit just delivered a masterclass in crisis communications after experiencing the largest hack in crypto history.”
The company secured a bridge loan from undisclosed partners to cover any unrecoverable losses and maintained transparent communication with users, processing over 580,000 withdrawals since the attack.
Bybit has vowed to overhaul its security infrastructure, promising stronger protocols and exploring alternative custody solutions. CEO Ben Zhou emphasized the company’s commitment to protecting its users and maintaining liquidity.
