Biggest crypto theft in history: North Korean hackers attack the Bybit exchange

The crypto world is shaken by the biggest theft in its history. On Friday, suspected North Korean hackers attacked the crypto trading platform Bybit and stole Ethereum worth $1.46 billion. Ethereum is the second largest crypto currency after Bitcoin.

The cyber criminals gained control of a corresponding wallet and transferred the contents to an unknown location. On Monday, the assets were still untraceable.

Bybit has around 60 million customers and is one of the largest crypto exchanges in the world. After the hack became known, there was an exodus from the platform. Customers feared for their deposits and withdrew billions in crypto assets. According to data from Defillama, the assets held on the platform decreased by $5.6 billion to $11.2 billion - that corresponds to withdrawals of over $4 billion after deducting the hack.

However, the Dubai-based platform told its customers that their crypto holdings were safe. Ben Zhou, co-founder and CEO of the exchange, wrote on X: "Bybit is solvent, and if the losses from the hack are not found, all customer assets are covered 1:1, we can cover the losses." Zhou stated that the platform holds a total of $20 billion in customer assets and pays all losses itself or through loans from partners.

It seems that Bybit can keep this promise. According to the information service Lookonchain, Bybit was able to compensate for the losses of 1.4 billion dollars on Monday and thus fully cover the customer balances. Bybit has rebuilt the funds through loans, large deposits and purchases in the past two days. According to Bybit, all payment activities have returned to normal.

If this is true, Bybit's flight movements differ from those of the crypto exchange FTX at the end of 2022, when unbacked crypto assets led to the implosion of the platform due to internal fraudulent activities. Bybit is the victim of an external, criminal attack, but was able to stabilize the liquidity situation quickly enough. Customers can still access their assets - a deadly bank run has so far avoided.

The Bybit hack is by far the largest crypto theft. The fact that trust has not yet been restored can be seen in the price of the affected token, Ether. Although it quickly made up for the initial losses after the hack became known, its price eroded again on Monday.

In addition, the background remains unclear. The blockchain information service Elliptic has attributed the theft to the Lazarus Group. This hacker group, which is linked to North Korea, is said to have stolen crypto assets worth more than $6 billion since 2017. The group's last major hack was that of the Ronin network in March 2022 - the funds are said to have helped finance North Korea's nuclear missile program.

According to Elliptic, in order to use the cryptos for financing purposes, the hackers laundered stolen Ether worth several million dollars across various platforms, including the automated crypto exchange platform eXch, which refused to block these illegal activities despite requests.

According to Bybit, the attack occurred during a routine transfer of tokens from a cold wallet, which is kept offline, to a warm wallet, which is online to handle daily trading. Cold wallets are actually considered secure due to their lack of internet connection.

Meanwhile, Bybit has launched a call to find the lost Ether holdings. The platform is offering a reward of 10 percent of the recovered assets, which corresponds to a potential "finder's fee" of $140 million.