• decrypting defi
  • blockchain&beyond
  • news
  • 24 Feb 25

Bybit Recovers $1.4B Loss; FBI Tracks Lazarus Leader

The cryptocurrency exchange Bybit has fully compensated its Ether (ETH) losses following a massive hack that may have been orchestrated by the North Korean group Lazarus Group.

  • 117
  • 0
  • 0

0

nft.eu
  • rating +22
  • subscribers 106

The cryptocurrency exchange Bybit has fully compensated its Ether (ETH) losses following a massive hack that may have been orchestrated by the North Korean group Lazarus Group. As a result of the attack, over 400,000 ETH — worth approximately $1.4 billion — were stolen. Co-founder and CEO Ben Zhou stated that the exchange has already "bridged the gap" and will soon release a new audit confirming its reserves.

According to Lookonchain, Bybit covered the losses through a combination of loans, substantial investor deposits, and over-the-counter (OTC) ETH purchases.

Entities that Transferred ETH to Bybit After Bybit Was Hacked. Source: Lookonchain
Entities that Transferred ETH to Bybit After Bybit Was Hacked. Source: Lookonchain

The Lazarus Group Attack and Its Aftermath

The attack on Bybit occurred on February 21 and is considered the largest hack in crypto history. Hackers exploited a fake user interface to disguise a malicious smart contract and gain access to the exchange's multisignature cold wallet. Following the leak, users feared for the liquidity and Bybit’s ability to process all withdrawal requests.

To prevent panic and a "bank run," the exchange quickly secured emergency financing in the form of short-term "bridge loans" from crypto industry partners.

In addition to the borrowed funds, Bybit acquired large volumes of ETH on OTC markets to restore its reserves. Zhou emphasized that even if the stolen assets cannot be recovered, the exchange will remain solvent through its own funds and profits.

How the Attack Was Carried Out

The attackers compromised Bybit’s multisignature cold wallet — which was used to transfer funds to the hot wallet — by inserting malicious code into a smart contract during a routine transaction, effectively replacing the recipient’s address. A key element of the attack was the manipulation of the user interface used by employees responsible for signing transactions.

Although these employees saw correct data, they unknowingly authorized transfers to an address controlled by the hackers. As a result, Bybit lost 401,347 ETH along with related tokens, including stETH and mETH.

Blockchain analyst ZachXBT provided evidence confirming that the attack was carried out by the North Korean hacker group Lazarus, noting that North Korea is now the 14th largest holder of Ether in the world.

Bybit Offers $140M Reward for Recovered Funds

To encourage the return of the stolen assets, Bybit has announced a reward of 10% of the recovered amount. If the entire sum is recovered, the reward will total a record $140 million. Additionally, Bybit’s CEO assured that the exchange will review its security measures and tighten transaction controls, and a dedicated communication channel has been opened for experts willing to help in the investigation.

Meanwhile, the FBI has issued a warrant for the suspected leader of the Lazarus Group, believed to be North Korean hacker Park Jin Hyok. Law enforcement reports claim that he is responsible for creating the WannaCry virus and, in addition to the Bybit hack, may be linked to attacks on the Central Bank of Bangladesh, Axie Infinity, Atomic Wallet, and WazirX.

Read Also:

This post is for informational purposes only and is not an ad or investment advice. Please do your own research making any decisions.

  • 117
  • 0
  • 0

0

Comments

0