Bybit, one of the world’s largest cryptocurrency exchanges, has fallen victim to a $1.46 billion hack—the largest in cryptocurrency history. North Korea’s state-backed Lazarus Group is suspected to be behind the attack.
Bybit CEO Ben Zhou confirmed the breach in a Feb. 21 post on X, saying a hacker had taken control of one of the company’s offline Ethereum wallets. The stolen assets, primarily Ethereum and its derivatives, were first transferred to a single wallet before being dispersed across more than 40 separate wallets, according to Bloomberg.
The scale of the theft surpasses the $611 million hack of Poly Network in 2021, previously the largest known crypto heist.
Blockchain security experts have identified the Lazarus Group, a hacking organization under North Korea’s Reconnaissance General Bureau, as the likely culprit. Blockchain analyst ZachXBT said he had provided evidence linking the attack to Lazarus, citing patterns consistent with recent North Korean cyberattacks.
North Korea has long faced accusations of hacking cryptocurrency exchanges to steal digital assets, laundering the funds, and using them to finance its nuclear weapons program. In January, the United States, South Korea, and Japan issued a joint statement blaming North Korea for roughly $660 million in crypto thefts in 2024 alone.
The attack triggered a surge in withdrawal requests from Bybit users. Zhou reassured customers in a Feb. 22 X post that all withdrawals had been processed and that the platform had returned to its “normal pace.”
