The February 21st hack on cryptocurrency exchange Bybit has been confirmed as the largest digital asset breach ever, with hackers stealing over $1.4 billion, primarily in Ethereum (ETH). Hours after the attack, authorities identified North Korea’s Lazarus Group as the mastermind behind the theft.
How the Hack Happened
Reports indicate that Bybit had ignored security vulnerabilities flagged months before the attack. CEO Ben Zhou admitted that the exchange’s Safe security feature had become incompatible with the platform’s framework, but the issue was not addressed in time.
Tracking the Stolen Funds
Despite the breach, Bybit’s internal investigation has successfully traced 88.87% of the stolen funds.
- Total stolen funds: 500,000 ETH ($1.4 billion)
- Still traceable: 88.87%
- Frozen funds: 3.54%
- Lost in the dark web: 7.59%
Zhou revealed that 440,091 ETH (worth $1.23 billion) had already been converted into 12,835 BTC and distributed across 9,117 crypto wallets.
Hackers Used Crypto Mixers to Hide Funds
The Lazarus Group used multiple crypto mixing services to obscure transactions:
- TornadoCash
- Railgun
- Wasabi
- CryptoMixer
So far, 193 BTC have been tracked moving into Wasabi Mixer, with funds being funneled through P2P vendors afterward.
Bybit Calls for Help in Tracing Funds
Bybit has launched a bounty program to track the stolen crypto. Over the past month, they have received 5,012 reports, with 63 being valid leads.
Zhou is now urging bounty hunters and blockchain analysts to assist in recovering the funds, as hackers continue to funnel assets through anonymizing services.
Bybit’s Security Failures & Future Precautions
Bybit acknowledged warnings about security risks months before the attack but failed to act. Rahul Rumalla, the chief product officer of Safe, claimed new security enhancements are being implemented to prevent future breaches.
The Lazarus Group remains one of the most notorious cybercriminal organizations, with a history of targeting crypto exchanges, DeFi platforms, and NFT marketplaces. The Bybit hack underscores the urgent need for stronger security protocols in digital asset platforms.