
Cryptocurrency exchange Bybit has suffered what is being described as the largest hack in crypto history, with attackers making off with over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH), and various ERC-20 tokens. The magnitude of the breach underscores that even centralized exchanges with robust security measures remain vulnerable to sophisticated cyberattacks.
A Sophisticated Attack
Security experts, including analysts from Arkham Intelligence and onchain sleuth ZachXBT, have linked the attack to the notorious Lazarus Group—a hacking organization reportedly backed by North Korea. According to reports, the breach was orchestrated using advanced social engineering tactics. The attackers deceived key signers into approving a malicious transaction that altered the smart contract logic, ultimately draining funds from one of Bybit’s cold wallets.
Lucien Bourdon, an analyst at Trezor, emphasized that “even the strongest security measures can be undone by human error.” This sentiment reflects the core vulnerability exploited in the hack, where human factors and deceptive techniques overrode technical safeguards.
Historical Context and Industry Impact
The scale of the Bybit hack is particularly alarming. With losses exceeding $1.4 billion, the incident dwarfs the $600 million Poly Network hack of August 2021, setting a new, grim record in the crypto world. This breach comes at a time when the cryptocurrency industry has already seen significant losses—nearly half of the $2.3 billion stolen in crypto-related hacks during 2024 occurred amid similar systemic vulnerabilities.
Crypto security experts have noted similarities between this breach and previous attacks, such as the $230 million WazirX hack and the $58 million Radiant Capital hack. Meir Dolev, co-founder and chief technical officer at Cyvers, explained that the compromise of Bybit’s Ethereum multisig cold wallet was achieved through a deceptive transaction, tricking signers into approving changes that allowed the hacker to take control.
Industry Response and Future Solutions
In response to the incident, Arkham Intelligence has launched a bounty program offering 50,000 ARKM tokens (valued at approximately $31,500) to anyone who can help identify the individual or organization responsible for the breach. This move reflects the broader industry’s growing commitment to enhancing security measures and holding bad actors accountable.
Furthermore, crypto security firms like Cyvers are actively developing pre-emptive measures to combat such attacks in the future. One promising solution is offchain transaction validation, a process that simulates and verifies blockchain transactions in an offchain environment before they are executed. According to Michael Pearl, vice president of GTM strategy at Cyvers, this approach could potentially prevent up to 99% of crypto hacks and scams.
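A minimal sketch of the offchain validation idea described above, added here as an illustration and not code from Cyvers or Bybit: the proposed transaction is applied to a copy of the wallet state, and the simulated effect is compared with what the signers were shown before anyone approves it. The `Wallet` model, the `transfer` and `set_logic` operations, the allowlist and all addresses are constructed assumptions standing in for a real EVM simulation.

```python
import copy
from dataclasses import dataclass

@dataclass
class Wallet:
    """Toy stand-in for a multisig wallet's on-chain state (not an EVM)."""
    logic: str       # address of the contract code the wallet runs
    balances: dict   # asset -> amount held

def simulate(wallet, payload):
    """Apply the payload to a copy of the state; the live wallet is untouched."""
    w = copy.deepcopy(wallet)
    if payload["op"] == "transfer":
        w.balances[payload["asset"]] -= payload["amount"]
    elif payload["op"] == "set_logic":
        w.logic = payload["new_logic"]
    else:
        raise ValueError(f"unknown op {payload['op']!r}")
    return w

def validate(wallet, shown, payload, allowlist):
    """Return reasons to refuse signing; an empty list means effect == display."""
    try:
        after = simulate(wallet, payload)
    except (KeyError, ValueError) as exc:
        return [f"payload could not be simulated: {exc}"]
    findings = []
    # Invariant: a routine withdrawal must never swap the wallet's logic.
    if after.logic != wallet.logic:
        findings.append("wallet logic address would change")
    # The simulated balance change must equal what the signing UI displayed.
    deltas = {a: n - after.balances[a] for a, n in wallet.balances.items()
              if n != after.balances[a]}
    if deltas != {shown["asset"]: shown["amount"]}:
        findings.append(f"balance change {deltas} differs from what was displayed")
    if payload.get("to") != shown["to"]:
        findings.append("recipient differs from the one displayed")
    elif shown["to"] not in allowlist:
        findings.append("recipient is not on the withdrawal allowlist")
    return findings

# Constructed sample data: addresses and amounts are placeholders.
WALLET = Wallet("0xLOGIC_A", {"ETH": 1000})
ALLOW = {"0xHOT_WALLET"}
SHOWN = {"asset": "ETH", "to": "0xHOT_WALLET", "amount": 10}      # signer's view
HONEST = {"op": "transfer", "asset": "ETH", "to": "0xHOT_WALLET", "amount": 10}
DECEPTIVE = {"op": "set_logic", "new_logic": "0xLOGIC_B"}          # real payload

if __name__ == "__main__":
    print(validate(WALLET, SHOWN, HONEST, ALLOW), validate(WALLET, SHOWN, DECEPTIVE, ALLOW))
```

The check runs on a machine independent of the signing interface, so a display that has been tampered with cannot also hide the simulated effect.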
The massive Bybit hack not only marks a dark milestone in the history of cryptocurrency security breaches but also serves as a stark reminder of the vulnerabilities that persist within centralized exchange platforms. As hackers continue to refine their techniques, the industry is compelled to innovate and implement more rigorous security protocols to protect digital assets in an increasingly volatile environment.