Bybit Confirms Record-Breaking $1.5 Billion Crypto Heist in Sophisticated Cold Wallet Attack

Feb 22, 2025 | Ravie Lakshmanan | Financial Crime / Cryptocurrency

Cryptocurrency exchange Bybit recently disclosed a significant breach resulting in the theft of more than $1.5 billion worth of cryptocurrency from one of its Ethereum cold wallets. This incident marks the largest single crypto heist in history.

According to Bybit, the breach occurred during a transfer from its ETH multisig cold wallet to its warm wallet. The transaction was manipulated through a sophisticated attack, allowing the attacker to take control of the affected cold wallet and transfer the funds to an unknown address.

Bybit CEO Ben Zhou said that all other cold wallets remain secure, and the company has reported the incident to the authorities. Elliptic and Arkham Intelligence have confirmed the involvement of the Lazarus Group in the theft, making it the largest cryptocurrency heist ever recorded.

Additionally, independent researcher ZachXBT has linked this hack to a previous incident involving Phemex. Numerous cryptocurrency thefts have been attributed in the past to the Lazarus Group, which is known for its prolific hacking activities.

Google has previously identified North Korea as a major cyber criminal enterprise, with significant involvement in cryptocurrency-related crimes. The growing sophistication of such attacks poses challenges for organizations and highlights the need for enhanced security measures.

Update

Bybit later confirmed unauthorized activity in one of its Ethereum cold wallets during a routine transfer process. The breach resulted in the transfer of over $1.5 billion worth of ETH and stETH to an unidentified address.

TRM Labs has linked the hack to the Lazarus Group based on observed patterns in the addresses used in previous North Korean thefts. The incident showcases advanced techniques used by threat actors to manipulate user interfaces and compromise security measures.

Check Point Research emphasized the need for enhanced security measures to prevent such attacks, particularly in the context of manipulated transactions and compromised interfaces.

(This article has been updated to include additional information and revise the total amount of cryptocurrency stolen in the incident.)
