Bybit’s Security Flaws Exposed: Here’s How to Safeguard Your Crypto

February 21, 2025, marked a dark day for the cryptocurrency market as Bybit, the world’s second-largest crypto exchange, suffered an unprecedented hack, resulting in the theft of $1.5 billion. Cybersecurity experts have termed this incident the biggest financial theft in history. In response, panic-stricken investors withdrew an additional $5 billion, though Bybit remains operational. The breach highlights critical flaws in crypto security and offers crucial lessons for users.
How the Heist Happened
Bybit, like other major exchanges, secures assets with multi-layered protection, primarily using cold wallets that remain offline. When needed, funds are transferred manually to hot wallets, with multiple employees authorizing transactions via multi-signature (multisig) technology using Ledger hardware keys.
Hackers infiltrated the system by compromising a Safe{Wallet} developer’s machine, altering code in its web application. During a routine $7 million transfer, Bybit employees unknowingly approved a fraudulent transaction due to a misleading display on their screens. Instead of transferring a limited amount, a malicious smart contract drained an entire cold wallet, funneling funds into hundreds of fake accounts. After the transaction, the Safe{Wallet} website reverted to its normal state, covering the attackers’ tracks. Investigators believe this was a highly targeted supply-chain attack. The stolen Ethereum is now being laundered through multiple small transfers.
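The signers in this incident approved what a compromised web page displayed, not what the transaction payload contained. The Python check below is an added example, not code from the article, Safe{Wallet} or Bybit: it compares a signer's stated intent with the raw transaction fields and lists every mismatch. It assumes the field names `to`, `value`, `data` and `operation` of Safe's transaction format and that the raw fields are read from a source independent of the web interface; all addresses and amounts are constructed.

```python
from dataclasses import dataclass
from typing import Optional

CALL = 0                      # Safe "operation" value for a plain call (1 = delegatecall)
ERC20_TRANSFER = "a9059cbb"   # selector of transfer(address,uint256)

@dataclass
class Intent:
    """What the signer believes they are approving."""
    recipient: str
    amount: int                  # smallest unit: wei or token base units
    token: Optional[str] = None  # token contract address; None means native ETH

def check_payload(intent, tx):
    """Return every mismatch between the intent and the raw tx fields."""
    problems = []
    to = tx["to"].lower()
    data = tx["data"].lower()
    data = data[2:] if data.startswith("0x") else data
    if tx["operation"] != CALL:
        problems.append("operation is not a plain call")
    if intent.token is None:                       # native ETH transfer
        if to != intent.recipient.lower():
            problems.append("recipient differs")
        if tx["value"] != intent.amount:
            problems.append("amount differs")
        if data:
            problems.append("unexpected calldata")
        return problems
    if to != intent.token.lower():                 # ERC-20 transfer
        problems.append("target is not the expected token contract")
    if tx["value"] != 0:
        problems.append("unexpected ETH value")
    if len(data) != 8 + 128 or data[:8] != ERC20_TRANSFER:
        problems.append("calldata is not transfer(address,uint256)")
        return problems
    if "0x" + data[32:72] != intent.recipient.lower():
        problems.append("recipient differs")
    if int(data[72:136], 16) != intent.amount:
        problems.append("amount differs")
    return problems

# Constructed sample values, not real addresses or transactions.
HOT_WALLET = "0x" + "11" * 20
OTHER = "0x" + "22" * 20
INTENT = Intent(recipient=HOT_WALLET, amount=5 * 10**18)
MATCHING_TX = {"to": HOT_WALLET, "value": 5 * 10**18, "data": "0x", "operation": 0}
MISMATCHED_TX = {"to": OTHER, "value": 0, "data": "0x" + ERC20_TRANSFER + "00" * 64, "operation": 1}

if __name__ == "__main__":
    for name, tx in (("matching", MATCHING_TX), ("mismatched", MISMATCHED_TX)):
        print(name, check_payload(INTENT, tx) or "OK to sign")
```

An empty list means the payload matches the stated intent; anything else is a reason to stop before signing.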
Lazarus Group Suspected
The FBI has linked the attack to TraderTraitor, a North Korean-backed hacking group also known as Lazarus, APT38, and BlueNoroff. The group has a history of high-profile crypto heists, including:
- $540 million stolen from Ronin Network (2022) using a fake job offer scam.
- $300 million stolen from DMM Bitcoin (2024), leading to the exchange’s collapse.
- $275 million looted from KuCoin (2020) after a hot wallet key leak.
Lazarus has refined its crypto theft techniques for over a decade, reportedly accumulating $6 billion from various attacks.
Bybit’s Response and Industry Impact
Despite the massive loss, Bybit remains operational and has pledged to compensate affected users. The exchange has also launched a bounty program, offering 10% of any recovered funds. So far, only $43 million has been retrieved.
The scale of the hack has fueled calls for an Ethereum blockchain rollback, but developers have deemed this technically unfeasible. Many industry experts predict an increase in self-custody of crypto assets, as investors lose faith in centralized exchanges.
How to Secure Your Crypto Holdings
For those considering self-custody, strict security measures are essential:
- Use a hardware wallet with a screen – Buy directly from a trusted vendor to avoid tampered devices.
- Never store seed phrases digitally – Keep them on paper or metal engravings, stored securely.
- Diversify storage – Store small amounts on exchanges, while major holdings remain in multiple hardware wallets.
- Use a dedicated device for crypto transactions – If impractical, maintain separate accounts on your computer for daily use and crypto activity.
- Verify wallet software – Download from official sources, check digital signatures, and scan for malware before installation.
- Delay software updates – Wait a week after release to ensure no malicious code has been introduced.
- Beware of phishing scams – Treat unexpected emails or messages as potential fraud attempts.
Looking Ahead
The Bybit breach serves as a stark reminder of crypto’s vulnerabilities. As hacking techniques evolve, investors must stay vigilant, adopt strict security practices, and follow expert guidance to safeguard their assets.