Bybit Suffers Historic $1.5 Billion Crypto Hack, Lazarus Group Implicated

 

Dubai-based cryptocurrency exchange Bybit Technology Ltd. has fallen victim to a massive cyberattack, with approximately $1.5 billion in cryptocurrency stolen. The breach is believed to be the largest single theft in cryptocurrency history.

Bybit, a well-established exchange with over 60 million users, consistently ranks among the top five platforms by trading volume. The company disclosed the hack on February 21, revealing that attackers gained control of an Ethereum wallet and transferred its holdings to an unknown address. The attack took place during a routine transfer from Bybit’s offline cold wallet to a warm wallet designated for daily trading; vulnerabilities in that process allowed unauthorized access to the cold wallet. Approximately 401,000 ETH was stolen.

“Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic,” Bybit explained on X. “As a result, the attacker was able to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address.”

In response, Bybit’s co-founder and Chief Executive Officer Ben Zhou reassured users that the platform remains solvent, emphasizing that all client assets are backed one-to-one. The company also stated that it holds reserves exceeding $20 billion to cover the losses.

To incentivize recovery efforts, Bybit is offering a 10% reward on any recovered funds for ethical cyber and network security experts contributing to the retrieval process.

Despite Bybit’s assurances, the disclosure triggered significant withdrawals from the exchange. According to CoinDesk, users withdrew approximately $4 billion, bringing the total outflows, including stolen funds, to around $5.5 billion.

Investigators swiftly traced the stolen Ethereum to North Korea’s notorious Lazarus Group. Known for high-profile cyberattacks, the group was behind the 2014 Sony Pictures breach and the 2017 WannaCry ransomware outbreak. It has previously targeted cryptocurrency exchanges, including the 2024 theft of 4,500 bitcoins from Japanese exchange DMM Bitcoin.

Arkham Intelligence was the first to identify the connection, with researcher ZachXBT providing definitive proof on X. Further investigation linked the Bybit hack to a January attack on Phemex, another cryptocurrency exchange that suffered a $69 million loss.

Recovering stolen funds from a state-backed hacking group poses significant challenges. However, nearly $43 million of the stolen cryptocurrency has already been frozen in wallets through coordinated efforts, and an affiliated token has been blocked and removed. 

Discussions have emerged about a possible rollback of the Ethereum blockchain to recover stolen assets. Bybit CEO Ben Zhou and BitMEX co-founder Arthur Hayes have floated the idea, though it remains uncertain whether such a measure is feasible. As reported by CoinDesk, executing a rollback would require community consensus, which may not be forthcoming and could potentially lead to a contentious hard fork of the cryptocurrency.