Bybit Crypto Heist: Hacker Becomes 14th Largest Ethereum Holder
2025-02-24
A recent security breach at Bybit, one of the world’s major cryptocurrency exchanges, has resulted in an unprecedented crypto heist, catapulting the hacker into the ranks of the largest Ethereum (ETH) holders globally.
The attacker now holds more ETH than Ethereum’s co-founder, Vitalik Buterin, and financial powerhouse Fidelity, making them the 14th largest ETH holder in the world.
A Historic Crypto Theft
Source: Newzchain
Coinbase director Conor Grogan highlighted the event in a post on X stating, “The Bybit hacker (most likely N.K.) is now the 14th largest ETH holder in the world. They hold roughly 0.42% of total supply, more than Fidelity, Vitalik, and twice what the Ethereum Foundation holds.”
The hacker's holdings reportedly amount to approximately 499,395 ETH, valued at an estimated $1.37 billion.
This figure significantly surpasses the Ethereum Foundation’s holdings and Buterin’s known ETH assets, which are estimated to be between 270,000 and 300,000 ETH.
Read Also: North Korea's $1.5B ETH Hack Tragedy: The Most Phenomenal Hack in History
How the Attack Unfolded
Bybit CEO, Ben Zhou, disclosed that the hacker gained access to one of the exchange’s Ethereum cold wallets, leading to the movement of around $1.46 billion in assets through a series of suspicious transactions.
This event has now been labeled the largest cryptocurrency theft in history, eclipsing the infamous $611 million Poly Network hack of 2021. Some experts argue that this could be the largest security breach across any financial sector, not just in crypto.
According to blockchain analytics firm Nansen, the stolen assets include:
1. 401,347 ETH worth approximately $1.12 billion
2. 90,376 stETH valued at $253.16 million
3. 15,000 cmETH worth $44.13 million
4. 8,000 mETH worth $23 million
After the initial transfer to a single wallet, the hacker quickly redistributed the funds across more than 40 different wallets. Analysts suspect that the notorious North Korean hacking group Lazarus may be responsible for the attack.
The group allegedly converted all Ethereum derivatives into ETH before breaking the holdings into $27 million transactions and spreading them across at least 10 additional wallets.
Many of these funds still remain within these wallets, making their next moves highly anticipated by security analysts and law enforcement agencies.
Read Also: Ether ETFs See $393M Inflows: A Shift from Bitcoin and a Boost for ETH's Pectra Upgrade
Bybit’s Response and Recovery Efforts
In an attempt to mitigate the losses, Bybit has secured bridge loans with its partners, recovering approximately 80% of the stolen funds.
CEO Ben Zhou stated that the exchange is actively working to retrieve the remaining assets and will pursue legal action against the hackers. Additionally, Bybit has implemented new security measures to prevent further breaches and protect user assets.
Zhou also revealed that the hacker is attempting to launder the stolen funds by converting them into Bitcoin through Chainflip, a cross-chain bridge. He has urged cross-chain service providers to assist in blocking these transactions.
To incentivize tracking and recovering the stolen assets, Bybit has announced an upcoming bounty program, offering rewards to those who provide useful information leading to the funds’ retrieval.
Market Impact and Security Concerns
The magnitude of the Bybit hack has sent shockwaves through the cryptocurrency market. Ethereum’s price briefly dropped to $2,600, while Bitcoin surged to $95,500 amid the market turmoil.
This incident has reignited concerns over the security of centralized crypto exchanges and the risks associated with storing large amounts of assets on single platforms.
The event serves as a stark reminder of the vulnerabilities in the cryptocurrency space. Investors and exchange users are urged to exercise caution, diversify their holdings across multiple wallets, and prioritize security measures such as multi-factor authentication and cold storage solutions.
Read more about Ethereum (ETH):
ETH to USD: Convert Ethereum to US Dollar
Ethereum (ETH), Market Cap, Price Today & Chart History
Conclusion: Moving Forward
Bybit has reassured users that it has fully replenished the Ethereum reserves affected by the breach. A new proof-of-reserves (PoR) audit report will soon be released to maintain transparency and restore confidence in the exchange.
Meanwhile, global regulatory bodies and cybersecurity experts continue to monitor the situation, emphasizing the need for stricter security protocols and enhanced blockchain forensic capabilities to track illicit activities.
As the largest crypto theft to date, the Bybit hack will likely reshape discussions around exchange security, regulatory oversight, and the evolving tactics of cybercriminals in the crypto landscape.
The coming weeks will be crucial in determining whether Bybit can recover the stolen assets and whether law enforcement can successfully track down those responsible.
FAQ
1. What happened at Bybit?
A: Bybit, a major cryptocurrency exchange, experienced a significant security breach. A hacker gained access to one of their Ethereum cold wallets and stole approximately $1.37 billion worth of cryptocurrency, primarily Ethereum.
2. How much cryptocurrency was stolen?
A: The estimated value of the stolen assets is $1.37 billion. This includes a mix of Ethereum (ETH) and other Ethereum-based tokens. Specifically, the stolen assets included roughly 401,347 ETH, along with significant amounts of stETH, cmETH, and mETH.
3. Who is responsible for the hack?
A: While the investigation is ongoing, some analysts suspect the notorious North Korean hacking group Lazarus may be involved. However, this has not been officially confirmed.
4. How did the hacker gain access?
A: Bybit CEO Ben Zhou stated that the hacker accessed one of the exchange's Ethereum cold wallets. The exact method of access is still under investigation.
5. How does this theft compare to other crypto hacks?
A: This is the largest cryptocurrency theft to date, surpassing the previous record held by the Poly Network hack in 2021. Some experts even suggest it might be the largest security breach across any financial sector.
6. What is Bybit doing to recover the stolen funds?
A: Bybit has secured bridge loans to recover approximately 80% of the stolen funds. They are actively working to retrieve the remaining assets and are pursuing legal action against the hackers. They have also implemented new security measures and announced a bounty program for information leading to the recovery of the funds.
7. Has Bybit compensated its users?
A: Bybit has reassured users that it has fully replenished the Ethereum reserves affected by the breach.
Disclaimer: The content of this article does not constitute financial or investment advice.
