Threat Actors Stole Record $1.5 Billion Worth of Crypto from Bybit

Bybit crypto exchange recently lost a staggering $1.5 billion in what could be the largest cryptocurrency heist in history.

Bybit hit by devastating cyberattack

Threat actors launched a ruthless cyberattack on the well-regarded Bybit crypto exchange, stealing about $1.5 billion worth of crypto in the process.

The incident's impact positioned it as the most significant crypto heist in history, more than doubling the previous most considerable attack, against Ronin Network ($625M).

Perpetrators obfuscated the signing interface during a significant fund transfer from an ETH multi-signature cold wallet to a warm wallet, then diverted the funds to attacker-controlled wallets.

Extensive investigation underway

Threat actors manipulated the smart contract in such a way that, during the transfer, the signing interface displayed the correct address, making it nearly impossible to suspect foul play.

“Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic,” Bybit announced on X. “As a result, the attacker was able to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address.”

Company response and mitigation

After discovering the incident and closely analyzing the situation, Bybit reported the case to authorities and pledged to keep its customers updated.

The company, aided by on-chain analytics experts, identified addresses involved in the incident, which should disrupt threat actors’ attempts to move the stolen funds.

Furthermore, it announced the recovery of roughly $42.76 million worth of crypto as well as the restoration of withdrawals and deposits to pre-attack levels.

Researchers at blockchain cybersecurity firm Elliptic attributed the crypto heist to North Korea's infamous Lazarus group.

Scammers quickly doubled down on the incident

Cybercriminals rarely take a break, as proven by a recent Bybit post advising caution, stating that scammers masquerading as company employees are already on the prowl.

Security incidents like this one are prolific breeding grounds for scammers, who typically waste no time attempting to capitalize on the situation’s urgency.

Instilling a sense of panic in users’ minds is a common tactic meant to destabilize and impede the target’s critical thinking skills, spurring rash decisions, often leading to being scammed.

Thwarting scammers’ attempts and staying safe against crypto attacks

Although this time scammers chose Bybit, a well-established crypto exchange, to steal funds from, sometimes they might go for smaller targets, such as individual crypto investors.

To safeguard your devices and investments against cybercriminals and crypto scams, dedicated solutions like Bitdefender Ultimate Security can give you the upper hand.

It detects and deters viruses, Trojans, ransomware, worms, zero-day exploits, spyware, rootkits, and other digital threats.

Additionally, Scamio can help you check tricky texts, emails, messages, links, images, or QR codes for scams. It also works with given scenarios: describe a situation and Scamio will provide you with a quick assessment of its perceived legitimacy.

Scamio is free and available on Facebook Messenger, WhatsApp, Discord and your web browser. You can also help others stay safe by sharing Scamio with them in France, Germany, Spain, Italy, Romania, Australia and the UK.