Bybit’s $1.4 Billion Hack: $380 Million in Crypto Funds Gone Dark Amid North Korean Cyberattack

In a shocking revelation, Bybit’s CEO Ben Zhou announced that a staggering 27.95% of the funds lost during the $1.4 billion hack orchestrated by the notorious North Korean Lazarus Group have become untraceable. This incident marks one of the largest thefts in cryptocurrency history and raises serious questions about security measures in the crypto industry.

Understanding the Scale of the Hack

The cyberattack, which occurred in February, involved the theft of approximately 500,000 ether (ETH). Zhou’s executive summary, shared on the social media platform X, detailed that “Total hacked funds of USD 1.4bn around 500k ETH.” The breakdown of the funds is alarming, with 68.57% remaining traceable, while 27.95% have gone dark and 3.84% have been frozen.

How the Untraceable Funds Disappeared

The untraceable funds primarily flowed into crypto mixers before being transferred through bridges to peer-to-peer (P2P) and over-the-counter (OTC) platforms. Zhou pointed out that the use of Wasabi, a well-known crypto mixer, played a significant role in obscuring the origins of a portion of the stolen Bitcoin (BTC).

Following their initial washing, these funds entered other mixers, including Railgun, Tornado Cash, and CryptoMixer, which are notorious for their capability to anonymize transactions. These actions illustrate the lengths to which cybercriminals will go to obscure their tracks in the increasingly complex world of cryptocurrency.

Cross-Chain Swaps: A Strategy for Concealment

The Lazarus Group executed multiple cross-chain swaps using platforms such as Thorchain, eXch, Lombard, LiFi, Stargate, and SunSwap. This final stage involved converting the illicit funds into more liquid assets, making tracking even more challenging for authorities and forensic analysts.

Forensic Analysis of the Stolen Funds

Forensic investigations have revealed that of the hacked funds, a total of 432,748 ETH—equivalent to 84.45%—has been transferred from ether to Bitcoin via Thorchain. Notably, 67.25% of these funds, amounting to approximately 342,975 ETH (around $960.33 million), has been converted into 10,003 BTC. These have been distributed across 35,772 wallets, with an average of 0.28 BTC per wallet, effectively diluting the traceability of the funds.

Furthermore, 1.17% of the stolen funds, or 5,991 ETH (about $16.77 million), remains on the Ethereum blockchain, tucked away across 12,490 wallets. The fragmentation of these assets complicates recovery efforts significantly.

Response from Bybit and the Need for Bounty Hunters

In light of the hack, the Lazarus Bounty initiative has received 5,443 reports in just two months, with 70 deemed valid. Zhou emphasized the critical need for “more bounty hunters that can decode mixers,” indicating a growing demand for skilled individuals who can navigate the murky waters of cryptocurrency transactions to aid in recovery efforts.

Implications for Cryptocurrency Security

This incident has sent shockwaves through the cryptocurrency community, highlighting vulnerabilities that exchanges like Bybit must address. As the industry matures, the need for robust security measures and regulatory oversight becomes increasingly apparent. Investors must remain vigilant and informed about the platforms they choose to engage with. For instance, if you’re considering buying crypto, read our guides on How to Buy Bitcoin, How to Buy Ethereum, and How to Buy Cryptocurrency.

The Future of Bybit and Crypto Exchanges

As Bybit navigates the aftermath of this unprecedented hack, the broader implications for cryptocurrency exchanges are profound. They must enhance their security protocols to protect user funds and build trust within the community. Additionally, exchanges need to invest in advanced technologies that can detect and prevent similar attacks in the future.

Investors and users of cryptocurrency exchanges should stay informed about ongoing security developments and choose platforms that prioritize safety. For instance, if you’re looking for reliable exchanges, check our reviews of Kraken, Binance, eToro, and KuCoin.

Conclusion: A Call for Vigilance

The Bybit hack serves as a stark reminder of the risks associated with cryptocurrency investments. As the industry continues to evolve, both investors and platforms must work collaboratively to enhance security measures and thwart cybercriminals. While the road ahead may be fraught with challenges, the resilience of the cryptocurrency community will play a pivotal role in overcoming these obstacles. As always, staying informed and vigilant is key to navigating the ever-changing landscape of digital assets.