Money blog: Major bank set to hike credit card interest rates by up to 50% in weeks
By Connor Sephton, news reporter
The biggest crypto hack in history happened on Friday – with more than £1.1bn stolen from the Bybit exchange in an audacious attack.
But how was this possible, who was responsible, and is there any chance of getting this money back? The Crypto Today podcast has summed up everything we know so far.
How did the hack happen?
Exchanges are where people buy and sell crypto – and because of that, these trading platforms hold a lot of coins.
Bybit had stored vast amounts of the Ether cryptocurrency in what’s known as a “cold wallet” – meaning the funds are held in a place isolated from the internet.
Although cold wallets are meant to serve as an additional security measure, this was a highly sophisticated attack that managed to deceive the exchange’s chief executive, Ben Zhou.
At the time of the hack, Mr Zhou was moving funds to another wallet that Bybit controls – and the transaction had gone through multiple security checks.
But thanks to some behind-the-scenes manipulation, these funds were actually transferred to a different wallet entirely… and one that was controlled by the hackers.
Who is responsible?
Investigations over the weekend have concluded the Lazarus Group carried out the attack.
This hacking group is sponsored by North Korea, and is notorious for hacking crypto companies.
Crypto stolen by the Lazarus Group is carefully cashed out and used to evade economic sanctions against North Korea – with the US claiming these funds have also funded the secretive state’s programs to build ballistic missiles and weapons of mass destruction.
Figures from Chainalysis suggest Pyongyang is a growing threat. North Korean-linked hackers stole £522m across 20 hacks in 2023 – doubling to £1.06bn in 47 incidents last year.
This means that the Lazarus Group has stolen more money in this single hack on Bybit than it managed in the whole of 2024.
Will Bybit recover this crypto?
To be honest, probably not.
While it is possible to track where crypto is sent after a hack takes place, the Lazarus Group uses sophisticated tactics to move funds and evade the authorities.
The Ether stolen from Bybit has already been spread across dozens of wallets, with advanced techniques used to “launder” this crypto so it can be cashed out without suspicion.
That means the trail often runs cold for law enforcement agencies and blockchain investigators trying to claw these digital assets back.
Just £34m of the stolen funds have been frozen so far – just 3% of what was taken.
Bybit has stressed that its customers won’t lose a penny as a result of this hack though, as it has enough funds to cover the loss.
Anyone who has wanted to withdraw crypto from Bybit has also been able to do so as normal, with customers racing to pull billions from their accounts.
This exchange used to operate in the UK, but stopped serving British customers back in 2023.
What does this mean for crypto?
Well… it’s another damaging blow to this industry’s reputation.
These hacks just keep on happening – and it’s understandable that consumers would assume that crypto just isn’t safe.
Bitcoin and Ether have fallen slightly over the past three days – but Bybit limited the damage by being pretty transparent about the hack, and what it was doing about it.
The bigger questions now are whether other crypto exchanges could fall victim to attacks like this in the future – and whether anything can be done to stop the Lazarus Group’s aggressive campaign of hacks.