In February 2025, Bybit, one of the largest cryptocurrency exchanges globally, suffered an unprecedented attack. The hack was carried out on February 21 and led to the loss of over $1.4 billion worth of digital assets such as liquid-staked Ether (stETH) and Mantle Staked ETH (mETH). It is now regarded as the largest hack in the history of cryptocurrencies and caused a stir in the market. The attackers were able to cover their tracks to an extent, and blockchain detectives have been able to recover only portions of the stolen funds, a sign of the continuing war between hackers and the users of cryptocurrencies.
Key Developments: A Complex and Ongoing Recovery Effort
After the attack, blockchain security companies such as Arkham Intelligence identified the North Korea-sponsored Lazarus Group as the group behind the hack. The group is known for cyber espionage and for hacking many organizations, including cryptocurrency trading platforms, to commit financial fraud. While the hackers have not used conventional means to launder the stolen funds, the Bybit team has made some progress in recovering the stolen assets. The hackers were able to blend the funds with other recent transactions, but Bybit CEO Ben Zhou still believes that more than $1.4 billion of the stolen money can still be traced.

The Role of BTC Mixers in the Laundering Process
The funds were also disguised through Bitcoin mixers, a common tactic that the attackers used. These tools conceal the path along which cryptocurrency funds flow so that they cannot be easily traced. Zhou also announced in the latest update that most of the stolen assets were in Bitcoin accounts, where they were split across 9,117 wallets. These funds were further processed through several mixers such as Wasabi, CryptoMixer, and TornadoCash. This method has hampered investigators' ability to track the stolen assets and reduced the chances of recovering them.
The Bounty Hunt for Tracing Funds
Bybit has called for the assistance of the crypto community, particularly “bounty hunters” and white-hat hackers, to help decode the transactions and track down the stolen funds. The exchange has received over 5,000 bounty reports in the past month, with 63 being deemed valid. Bybit is offering a 10% reward of the recovered funds to those who can provide useful information. To date, the exchange has awarded over $2.2 million to 12 bounty hunters who have contributed valuable insights into the recovery process.

The Lazarus Group’s Sophisticated Tactics
The Lazarus Group’s involvement in the Bybit hack underscores the increasing sophistication of cyberattacks targeting the cryptocurrency industry. According to reports, the attackers used a sophisticated social engineering technique to deceive key signers into approving a malicious transaction that drained crypto from Bybit’s cold wallets. The group’s ability to exploit vulnerabilities in security protocols has raised concerns about the overall security of cryptocurrency exchanges, even those with robust protection measures in place.
The Challenges of Recovering Stolen Funds
Despite the significant progress made in tracing the stolen funds, the recovery process remains an uphill battle. The use of cryptocurrency mixers has made it incredibly difficult to follow the trail of funds, with each transaction taking a more convoluted path to obfuscate its origin. Blockchain security experts agree that decoding mixer transactions is the biggest challenge they currently face. The Lazarus Group’s use of these advanced methods to launder the stolen assets highlights the growing sophistication of cybercriminal operations targeting the crypto market.
The Impact on the Crypto Industry
The Bybit hack is a stark reminder of the vulnerabilities that even centralized exchanges face in an increasingly complex and hostile cyber environment. Despite Bybit’s strong security measures, the exchange was unable to prevent the breach, raising concerns about the effectiveness of current industry standards. The hack has also intensified the call for more comprehensive security measures across the cryptocurrency ecosystem. Experts argue that exchanges must adapt to the evolving nature of cyberattacks and implement more advanced protections to safeguard user assets.
Conclusion
As the recovery efforts continue, Bybit remains hopeful that a portion of the stolen funds can be frozen and returned. However, the complexity of the laundering process, coupled with the involvement of state-backed actors like the Lazarus Group, has made this one of the most challenging recoveries in crypto history. The ongoing efforts to trace and recover the stolen assets highlight the need for continued vigilance and innovation in cybersecurity within the cryptocurrency industry.
The BIT Journal is available around the clock, providing you with updated information about the state of the crypto world.
Frequently Asked Questions (FAQs)
1- What happened during the Bybit hack?
On February 21, 2025, Bybit lost over $1.4 billion in a hack orchestrated by North Korea’s Lazarus Group, involving stETH, mETH, and other digital assets.
2- How were the stolen funds laundered?
The hackers used Bitcoin mixers like Wasabi, CryptoMixer, and TornadoCash to hide the origins of the stolen funds and make them harder to trace.
3- What is Bybit doing to recover the funds?
Bybit is working with blockchain investigators and has launched a bounty program, offering 10% of recovered funds to bounty hunters who help track the stolen assets.
4- Who is responsible for the hack?
The Lazarus Group, a state-backed hacking group from North Korea, is believed to be behind the attack.
Appendix: Glossary of Key Terms
BTC Mixers – Tools used to obfuscate cryptocurrency transactions and hide the origin of funds.
Lazarus Group – A North Korean hacking group known for cyberattacks on financial institutions.
Cold Wallet – A secure offline storage method for cryptocurrency assets.
Bounty Hunter – An individual or group tasked with finding and reporting illicit transactions for rewards.
Staked Ether (stETH) – A token representing Ether that has been staked on the Ethereum network.
Crypto Mixer – A service that mixes cryptocurrency transactions to enhance privacy and make tracking difficult.
Blockchain Investigator – A professional who uses blockchain analysis tools to trace and track digital assets.