The group responsible for the $1.4 billion cryptocurrency breach targeting Bybit has successfully laundered over $335 million of the stolen assets, with approximately $900 million remaining in their control. The exploit, which occurred on February 21, resulted in the theft of liquid-staked Ether (STETH), Mantle Staked ETH (mETH), and other digital assets, marking the largest hack in crypto history. Blockchain data reveals that 45,900 ETH (valued at $113 million) was moved by the hacker within a 24-hour period, contributing to a cumulative total of 135,000 ETH ($335 million) laundered so far.
Pseudonymous analyst EmberCN estimates the remaining 363,900 ETH ($900 million) could be fully laundered within 8 to 10 days if current patterns persist.
Investigations by blockchain security firms, including Arkham Intelligence, point to North Korea’s Lazarus Group as the likely perpetrator. Bybit’s co-founder and CEO, Ben Zhou, publicly vowed to confront the group four days after the attack. Blockchain analytics company Elliptic has identified 11,084 wallet addresses linked to the exploit, with expectations of further discoveries as the probe continues.
Despite the breach’s magnitude, Bybit’s swift actions—including honoring customer withdrawals and replenishing the stolen $1.4 billion in Ether within three days—have drawn attention. Dan Hughes, founder of decentralized finance platform Radix, noted that Bybit’s transparent handling of the crisis might bolster confidence in centralized exchanges (CEXs) by demonstrating effective management and accountability. He emphasized that Bybit’s ability to absorb the financial loss without disrupting user transactions could reinforce perceptions of reliability in such platforms.
The Bybit incident accounts for over half of the $2.3 billion in crypto stolen through hacks in 2024, underscoring ongoing security challenges within the industry. While the breach represents a significant setback, the exchange’s response highlights efforts to mitigate fallout and maintain operational stability amid large-scale exploits.