BanklessTimes

ByBit Hack Fallout: 70% of its ETH Stolen, Hackers Found

Author:
David Marsanic
News writer
February 21st, 2025

Events in the largest hack in crypto history are still unfolding. Bybit, one of the biggest centralized cryptocurrency exchanges, suffered a massive hack, losing $1.4 billion of Ethereum from its cold wallet. The CEO responded to concerns, while online investigators have already revealed who was behind the breach.

On Friday, Bybit CEO Ben Zhou addressed the hack in a statement. “To be honest, right now, everyone is affected,” he shared. Moreover, he confirmed that 70% of all the exchange’s ETH was stolen, clarifying that this is how much they kept in the cold wallet.

Soon after the news of the hack broke, investigators revealed that the infamous North Korean hackers were behind it. Crypto investigator ZachXBT solved Arkham Intelligence’s bounty and provided definitive proof that the Lazarus Group of North Korean hackers was responsible.

Earlier, Arkham Intelligence identified the wallets associated with the hackers. According to Arkham, the hackers held $1.37 billion in ETH across 53 wallets. The scale of the hack is clear from the fact that, at one point, the hackers held 0.42% of Ethereum’s total supply.

This is twice as much as the Ethereum Foundation holds, and more than Ethereum founder Vitalik Buterin and investment firm Fidelity. According to DefiLlama, the Bybit hack represents 16% of all DeFi hack losses. Despite this, Zhou assured users that all assets are backed 1:1. So far, Bybit has not experienced a bank run.

How the Bybit Hack Happened

Because the funds were in a cold wallet, the hack raises concerns about security practices at Bybit. Preliminary investigations revealed that the hacker likely exploited vulnerabilities in Bybit’s multi-signature wallet transfers.

During a routine transfer from the cold wallet to a hot wallet, the hackers executed a phishing scheme. They sent data that mimicked normal internal protocols, directing more than 400 ETH to their wallets. The hackers then distributed the funds across 53 wallets and began porting them from Ethereum to Solana.

The incident highlights that cold wallets are only completely safe when kept offline. As soon as the user initiates a transfer, they are exposed to several vectors of attack.
