Crypto’s Grown-Up Response To North Korea’s Historic $1.4B Robbery

Bybit Crypto Exchange (Photo illustration by Jakub Porzycki/NurPhoto via Getty Images)
NurPhoto via Getty Images
On Friday, February 21, 2025, the cryptocurrency world was rocked by the largest hack in history.
Bybit, a Dubai-based centralized exchange, suffered an unparalleled attack that resulted in the theft of approximately $1.4 billion worth of Ethereum (ETH). The crypto exchange said the transaction in question “was manipulated by a sophisticated attack.”
The sheer scale of the breach sent shockwaves throughout the digital asset space, and greater financial sector, but what followed was an even more alarming revelation. The attack was orchestrated by the notorious Lazarus Group, a North Korean cybercrime syndicate infamous for financing the country's nuclear arms program.
Routine Transaction Lead to Wallet Breach
The attack unfolded during a routine transfer of ETH from Bybit’s multisignature cold wallet to its hot wallet.
The hackers exploited a sophisticated vulnerability, manipulating the smart contract logic and concealing their malicious actions within the signing interface. As a result, over 400,000 ETH and staked ETH (stETH) were siphoned off to an unidentified wallet. Blockchain analytics firm Elliptic later reported that 22% of the stolen funds, roughly $270 million, had already been laundered within days of the heist.