North Korean Lazarus Group Identified As Culprit In Bybit’s Historic $1.5 Billion Hack

In a significant blow to the cryptocurrency industry, Bybit, one of the leading crypto exchanges, has confirmed a major security breach involving its Ethereum cold wallet. 

The incident, reported on Friday by Bitcoinist, marks one of the largest cryptocurrency hacks in history, with losses estimated at over $1.5 billion.

According to Bybit, the breach occurred during a transfer from their ETH multisig cold wallet to a warm wallet. The exchange revealed on social media platform X (formerly Twitter) that the attack was executed through a “sophisticated manipulation” of the transaction process. 

This manipulation allowed the hacker to mask the signing interface, which displayed the correct wallet address while altering the underlying smart contract logic. 

Subsequently, on-chain market intelligence firm Arkham Intelligence revealed that crypto sleuth ZachXBT has provided compelling evidence linking the hack to the notorious Lazarus Group, a North Korea-backed hacker organization. 

In his detailed analysis, ZachXBT reportedly submitted findings that included test transactions, associated wallets, forensic charts, and timing analyses. This information has been shared with Bybit to assist in its ongoing investigation.

The scale of the breach is staggering. Estimates suggest that approximately 401,347 ETH, valued at around $1.12 billion, were withdrawn. 

Additionally, other assets lost in the hack include 90,376 stETH worth $253.16 million, 15,000 cmETH valued at $44.13 million, and 8,000 mETH totaling $23 million. The total estimated loss stands at approximately $1.44 billion.

In light of this incident, Bybit has activated its security team and is collaborating with leading blockchain forensic experts to conduct a thorough investigation. 

The exchange has also reached out to other teams with expertise in blockchain analytics and fund recovery, inviting them to assist in tracing the misappropriated assets.

It remains to be seen what further action Bybit will take with the information provided by ZachXBT and how the case will unfold regarding the misappropriated customer funds. 

As for ETH’s price, the second largest cryptocurrency on the market has seen a 4% retracement towards $2,640 just hours after the security breach. 

Featured image from DALL-E, chart from TradingView.com