Cryptocurrency exchange Bybit was rocked by a staggering $1.5 billion hack on February 21, 2025, marking the largest crypto heist in history. The attack, suspected to be the handiwork of North Korea’s notorious Lazarus Group, targeted the exchange’s Ethereum cold wallet, siphoning off ETH, stETH, mETH, and various ERC-20 tokens. Talk about a Thursday wake-up call. The stolen funds were strategically moved to a main wallet before being distributed across forty different wallets. The attack surpassed the previous record held by the Ronin Network hack of $620 million.
But here’s where things get interesting. Instead of the usual crypto-exchange panic playbook, Bybit’s response was downright revolutionary. CEO Ben Zhou wasn’t hiding under his desk – he was on X within 30 minutes, followed by a livestream session an hour later. The exchange kept churning, processing over 350,000 withdrawal requests in just 12 hours. No frozen accounts, no system crashes, just business as usual. Experts recommend using hardware wallets for enhanced security when storing large amounts of cryptocurrency.
Bybit flipped the crisis script – instant transparency, zero lockdowns, and a CEO who faced the music head-on.
The numbers were brutal. Total outflows hit $5.5 billion, including both the hack and panic withdrawals. Exchange assets took a nosedive from $16.9 billion to $11.2 billion. Ethereum dropped 4% because, well, of course it did. Yet somehow, Bybit maintained its composure and its solvency.
The technical details read like a crypto-thriller. Attackers manipulated smart contract logic and masked signing interfaces, leaving investigators scratching their heads about whether the vulnerability lay in Bybit’s laptops or Safe.global’s systems. Major exchanges quickly blacklisted the hacker’s wallets, showing unprecedented unity in the typically every-exchange-for-itself crypto world.
Despite the chaos, Bybit’s client protection measures held firm. A 1:1 reserve guarantee meant client assets stayed intact, backed by a bridge loan to cover losses. The exchange maintained transparent communication throughout the crisis, while regulators and law enforcement agencies circled like hungry sharks.
In the end, client activity bounced back to pre-hack levels within 24 hours – a reflection of either incredible trust or crypto traders’ notorious short memory. The incident has sparked intense discussions about exchange security and regulatory frameworks, proving that sometimes it takes a catastrophe to drive innovation.
