Bybit's $1.5B Crypto Heist: North Korea's Lazarus Group Suspected

In a significant development, leading cryptocurrency exchange Bybit has confirmed a major security breach involving its Ethereum cold wallet, resulting in one of the largest cryptocurrency hacks in history. The incident, reported on Friday, has led to estimated losses of over $1.5 billion.

Bybit revealed that the breach occurred during a transfer from their ETH multisig cold wallet to a warm wallet. The exchange stated that the attack was executed through a "sophisticated manipulation" of the transaction process, allowing the hacker to mask the signing interface and alter the underlying smart contract logic.

Subsequently, on-chain market intelligence firm Arkham Intelligence revealed that crypto sleuth ZachXBT has provided compelling evidence linking the hack to the notorious Lazarus Group, a North Korea-backed hacker organization. ZachXBT's detailed analysis included test transactions, associated wallets, forensic charts, and timing analyses, which have been shared with Bybit to assist in its ongoing investigation.

The scale of the breach is staggering. Estimates suggest that approximately 401,347 ETH, valued at around $1.12 billion, were withdrawn. Additionally, other assets lost in the hack include 90,376 stETH worth $253.16 million, 15,000 cmETH valued at $44.13 million, and 8,000 mETH totaling $23 million. The total estimated loss stands at approximately $1.44 billion.

In light of this incident, Bybit has activated its security team and is collaborating with leading blockchain forensic experts to conduct a thorough investigation. The exchange has also reached out to other teams with expertise in blockchain analytics and fund recovery, inviting them to assist in tracing the misappropriated assets.

It remains to be seen what further action Bybit will take with the information provided by ZachXBT and how the case will unfold regarding the misappropriated customer funds.