Biggest crypto coup of all time: Bybit loses 1.5 billion US dollars

The crypto exchange Bybit has fallen victim to what is probably the biggest theft of digital currency ever. A state could be behind the attack.


It is probably the biggest crypto theft ever: cyber criminals have managed to illegally siphon off 1.5 billion US dollars worth of digital currency from the service provider Bybit.

Apparently, the perpetrators managed to deceive those responsible at Bybit during a routine transaction on Friday so that the funds, mainly in the form of the cryptocurrency Ethereum, were sent to an unknown address instead of a Bybit wallet. The background to the transaction was the transfer from a so-called cold wallet, an offline wallet for storage purposes, to a warm wallet for online trading.


A short time later, Bybit CEO Ben Zhou announced the mishap in a livestream. According to the report, 401,000 Ethereum currency units had been stolen. The perpetrators had succeeded in making the transaction appear to go to the correct address, although an unknown false address was actually behind it. After Bybit fell for it, the cybercriminals were able to take control of the cold wallet and move the funds, according to Zhou.

The crypto service provider Arkham Intelligence confirmed outflows of cryptocurrency worth over one billion US dollars from Bybit and wrote on X that the amounts "have started to go to new addresses where they are being sold".

Analysts at IT consultancy Elliptic suspect that this is an operation by the North Korean Lazarus Group, a group of cybercriminals sponsored by the North Korean government. The group is known for exploiting security vulnerabilities to finance the North Korean regime.


However, Zhou gave assurances that all other cold wallets at Bybit are secure and that the provider remains solvent. After the attack became known, the company received a large number of requests from users who wanted to withdraw funds from their Bybit accounts. Zhou emphasized that Bybit had successfully processed all of these requests. The company is now trying to find out exactly how the attack occurred and where the funds went.

Previously, the hack of PolyNetwork in 2021 was the largest known crypto theft ever. The hacker "Mr. White Hat" later returned the stolen amount of 610 million US dollars.

(nen)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.