The imagination of crypto scammers knows no bounds. Their execution deserves a spotlight of its own. On February 21, crypto exchange Bybit suffered a record-breaking crypto theft, which experts are calling the largest in history. North Korean hackers from the Lazarus Group allegedly stole 0.42% of all Ethereum (ETH) in circulation, with the stolen assets valued at approximately $1.5 billion.
The entire crypto market received a painful blow. Traders and investors awaited the resolution with bated breath. Eventually, the turmoil somehow calmed down. What exactly happened, and how did it all begin?
Crypto detective ZachXBT first spotted suspicious large transactions from Bybit wallets, and Bybit CEO Ben Zhou later confirmed the cyberttack. The hackers swiftly transferred funds to unknown addresses. According to current findings, the wrongdoers used an advanced spoofing scheme that allowed them to gain access to the exchange’s internal system and take full control over assets. The hackers manipulated Bybit’s interface, making it appear as though transactions were being confirmed by the platform itself. This tricked security personnel into unknowingly approving fraudulent transfers using their own access keys. As a result, the hackers gained full control over the exchange’s wallets.
The security breach triggered a surge in withdrawal requests from the platform. On February 22, over 580,000 withdrawal requests were processed on Bybit. However, there’s a silver lining in this dark cloud.
Bybit assured its users that all customer funds are backed 1:1. Even if the stolen funds cannot be recovered, Bybit has pledged to cover the losses from its own reserves. On top of that, Bybit announced a reward for cybersecurity and network security experts who play an active role in recovering the stolen assets. The reward could reach up to 10% of the successfully returned funds.
