The hack is the largest-ever crypto theft, according to blockchain analytics firm Elliptic.
The hack was attributed to North Korean group Lazarus by Arkham Intelligence
Photo Credit: Facebook/ ByBit
Crypto exchange Bybit said it was hacked, resulting in what analysts estimate was the loss of almost $1.5 billion (roughly Rs. 13,006 crore) worth of tokens in the biggest theft ever committed in the industry. Researchers believe North Korean hackers were likely responsible.
A hacker took control of one of Bybit's offline Ethereum wallets, the exchange's Chief Executive Officer Ben Zhou announced in a post on X on Friday. An estimated $1.46 billion (roughly Rs. 12,664 crore) in assets flowed out of the wallet in a series of suspicious transactions, according to posts by on-chain analyst ZachXBT on Telegram. Research firm Arkham Intelligence confirmed around $1.4 billion (roughly Rs. 12,144 crore) in outflows from the exchange, posting on X that “the funds have begun to move to new addresses where they are being sold.”
The hack is the largest-ever crypto theft, according to blockchain analytics firm Elliptic, surpassing the $611 million (roughly Rs. 5,299 crore) stolen from Poly Network in 2021. It was likely the “largest incident ever, not just crypto,” said Rob Behnke, co-founder and executive chairman of blockchain security firm Halborn.
Zhou went on a livestream on social-media platform X in an effort to alleviate clients' concerns about the hack. The exchange has taken out bridge loans with partners and has secured about 80 percent of funding needed to cover the loss, he said. At the same time, Bybit will try to recover the funds and take necessary legal action against the hackers.
“Your money is safe and our withdrawals are still open,” said Zhou on the livestream, appearing in a black T-shirt with the Bybit logo. He added that the exchange had processed more than 70 percent of all withdrawal requests following the hack. The exchange currently is not buying any Ether to cover the stolen assets on the platform, he added.
Founded in 2018, Bybit is one of the world's largest crypto exchanges, processing more than $36 billion (roughly Rs. 3,12,223 crore) in daily average trading volume. The Dubai-headquartered platform, which is not available in the US, had roughly $16.2 billion (roughly Rs. 1,40,500 crore) in assets on its exchange prior to being hacked, according to reserves data from CoinMarketCap, making the stolen Ether equivalent to roughly nine percent of its total assets.
The exchange surged to the second spot globally by trading volume, Bloomberg reported in June, in part by plugging the gap left by the failed FTX exchange with a service that allows digital tokens to be used as collateral for margin trading.
“When FTX collapsed, we saw the opportunity,” said Zhou in an interview with Bloomberg last year.
The funds stolen from Bybit on Friday were comprised of about $1.12 billion (roughly Rs. 1,40,492 crore) worth of Ether, and the rest was Ether derivatives such as one known as stETH, according to research firm Nansen. The tokens were first transferred into one wallet, and then dispersed into more than 40 wallets, Nansen said.
The attacker converted all Ether derivatives to Ether, and then transferred the Ether in $27 million (roughly Rs. 234 crore) increments into more than 10 additional wallets. Funds are still sitting in many of the wallets that received the tokens, Nansen added.
The hack was attributed to North Korean group Lazarus by Arkham Intelligence, who said crypto researcher ZachXBT had submitted definitive proof that the group was the culprit.
The attack appears similar to those conducted against crypto exchange WazirX and lending protocol Radiant Capital, according to Shahar Madar, vice president of security and trust products at Fireblocks, which is helping Bybit with its investigation.
“Both cases ended up being attributed to North Korea,” Madar said in an interview. “In all cases, these are experienced people, this points to a highly advanced attacker.”
Ether slipped almost eight percent from its high of the day after the theft. Other cryptocurrencies were also lower, with Bitcoin dropping almost five percent from its high of the day.
Ethena Labs' USDe, a popular token among crypto traders that acts like a “synthetic dollar,” briefly lost its one-to-one value to trade at around 98 cents, according to data from CoinGecko. The project said that although it conducts some trading on Bybit, it remains fully collateralised.
© 2025 Bloomberg LP
(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.