Cyber Crime
Biggest Crypto Heist Ever: Bybit Loses Rs 12,000+ Crore in Sophisticated Ethereum Wallet Attack!
On Friday, cryptocurrency exchange Bybit disclosed that a highly sophisticated attack resulted in the theft of more than Rs 11,972 crores in digital assets from one of its offline Ethereum wallets—the largest crypto heist on record.
According to a post on X, the breach occurred when Bybit’s ETH multisig cold wallet initiated a transfer to a warm wallet. However, the signing interface was manipulated: while it displayed the correct address, the underlying smart contract logic was altered, allowing the attacker to redirect the funds. As a result, the perpetrator seized control of the compromised wallet and transferred its contents to an unknown address.
Bybit’s CEO, Ben Zhou, later assured on social media that all remaining cold wallets remain secure. The company has also reported the incident to the relevant authorities.
ALSO READ: Cyber Fraud Ring Busted: 13 Agents Arrested for SIM Card Scam in Chhattisgarh
Although Bybit has yet to officially confirm the attribution, cybersecurity firms Elliptic and Arkham Intelligence have identified the notorious Lazarus Group as responsible. This incident eclipses previous major heists—such as those affecting the Ronin Network (Rs 5117 crores), Poly Network (Rs 5,010 crores), and BNB Bridge (Rs 4,805 crores)—in scale and impact. Independent researcher ZachXBT further noted that on-chain analysis links the Bybit breach to a similar attack on Phemex that occurred late last month.
The Lazarus Group, a North Korea-based hacking collective, is infamous for orchestrating numerous crypto heists to generate illicit revenue for the sanctioned nation. In fact, Google recently described North Korea as “arguably the world’s leading cyber criminal enterprise.” According to blockchain intelligence firm Chainalysis, in 2024 alone the group was estimated to have stolen around Rs 10,988 crores through 47 hacks, accounting for 61% of all illicit cryptocurrency that year.
Mandiant, a Google-owned cybersecurity firm, explained that the rise in cryptocurrency heists can be attributed to the high rewards involved, difficulties in attributing crimes to malicious actors, and many organizations’ still-developing understanding of crypto and Web3 technologies.