Bybit Hack – Five Things We Know

Reading Time: 2 minutes

• Bybit was hacked for 400,000 ETH on Friday, worth $1.5 billion
• The hack made headlines all over the world, with North Korean hacking group Lazarus thought to be behind it
• Bybit has received praise for its response

Friday’s mammoth $1.5 billion Bybit hack stunned the cryptocurrency world, with the theft understandably making global headlines. Hundreds of thousands of ETH were stolen and sold, forcing the company to buy back ETH to cover its reserves. With the dust having settled slightly since the event, here are five key things we know.

Digital Forensics: The Largest Non-cash Heist in History

The theft of approximately $1.5 billion worth of Ether makes the Bybit hack the biggest crypto hack of all time at contemporaneous values and the biggest non-cash heist ever. The hackers exploited a vulnerability during a routine transfer from Bybit’s cold wallet to a warm wallet, manipulating the transaction interface, gaining control over the cold wallet and transferring out 400,000 ETH.

This surpasses previous high-profile crypto thefts, such as the $624 million Ronin Network hack in 2022 and the $611 million Poly Network breach in 2021. It also surpasses the 2003 robbery of the Central Bank of Iraq, which involved the theft of approximately $1 billion in cash.

Digital Forensics: Lazarus Group Suspected

Blockchain analytics firms Arkham Intelligence and Elliptic have attributed the attack to the Lazarus Group, a notorious hacking organization with ties to North Korea. This group has a history of targeting financial institutions and cryptocurrency platforms to fund North Korea’s activities. Their involvement in this heist highlights the ongoing threat posed by state-affiliated cybercriminals.

Digital Forensics: Debates Over Ethereum Rollback

In the aftermath of the hack, discussions have emerged within the crypto community about the possibility of implementing an Ethereum blockchain rollback to reverse the illicit transactions.

However, Ethereum core developer Tim Beiko has stated that such a measure is “technically intractable,” emphasizing the challenges and potential risks associated with altering the blockchain’s history.

Digital Forensics: Bybit’s Proactive Response

Despite the substantial loss, Bybit’s CEO Ben Zhou has reassured users that the exchange remains solvent, with all client assets backed 1:1. The company has swiftly secured loans, received significant whale deposits, and made purchases to replace the stolen Ether, effectively closing the gap caused by the hack.

This prompt and transparent response demonstrates the resilience and maturity that the cryptocurrency industry has developed in handling such crises, and its response undoubtedly helped calm fears in the space.

Digital Forensics: Cryptocurrency Funding North Korean Warmonger

The involvement of the Lazarus Group in this heist brings to light the uncomfortable reality that stolen cryptocurrencies are being used to finance North Korea’s nuclear weapons program. This incident serves as a stark reminder of the broader geopolitical implications of cybersecurity breaches in the crypto space and underscores the need for enhanced security measures and international cooperation to prevent such exploits from funding illicit activities.