The ByBit Hack Analysis: Understanding the Largest Crypto Theft in History
The cryptocurrency industry was shellshocked in February when the Lazarus Group, with ties to North Korea, carried out one of the largest heists in the digital asset industry. Bybit and other cryptocurrency service providers are still reeling from the fallout and hack loss. Discover how the Bybit hack resulted in more crypto losses than any other heist.
Compare some leading heists, including a hacking collective of the previously largest crypto theft that headlined the news over the last few years. Understand how Korean hackers redefined money laundering and pulled off the greatest heist before finding a solution to improve crypto security to prevent future attacks on blockchain transactions.
Was the Bybit Hack the Largest Cryptocurrency Theft in Crypto History? A Comparative Analysis
Blockchain forensics firms are still tracking the lost Ethereum stolen from multiple wallets in February 2025. Here are some current insights from expert blockchain forensics specialists to compare the hacker attack to other large-scale hack losses:
The Bybit Hack Analysis
Looking at the Bybit hack by numbers, the digital heist amounted to €1.309 billion ($1.5 billion, consisting of €1.4 billion worth of Ethereum tokens, €239.42 million worth of Lido-Staked Ether tokens, and €22.448 million worth of Mantle-Staked Ether tokens. The hack loss included over 500,000 ETH, stETH, and mETH worth billions of dollars.
Kaiko Research, a well-known blockchain analytics firm in the crypto industry, suggests that Bybit, the world's second-largest cryptocurrency exchange, is now linked to the biggest heist in history. The Bybit cryptocurrency exchange described the crypto heist as a transfer process manipulation in the ETH Multisig Cold Wallet during a planned, routine transfer.
TRM Labs, one of the leading blockchain forensics firms, also suggests that the Bybit hack on the 21st of February, 2025, was the largest crypto heist to date, blaming North Korean hackers for the criminal activity that led to huge losses on one of the leading decentralised exchanges, with most of the transaction trail still running cold.
A 2025 crypto crime report, including an analysis of hacks in 2024, reveals that North Korean hackers were responsible for criminal activity related to crypto thefts amounting to €746.69 million in 2024 alone. The blockchain technology wasn't North Korea's only target, with the country being responsible for 35% of all criminal activity related to crypto in 2024.
Bybit Shadows All Crypto Hacks in 2024
Reuters reported that digital asset losses from crypto hacks jumped to €2.056 billion ($2.2 billion) in 2024, which includes all criminal activity worldwide, and showed a surge of 21% from the previous year.
However, the cyber attacks boosted Bitcoin, allowing the crypto to achieve a 140% growth rate throughout 2024 as hopes grow for strategic reserve.
ByBit Compared to Other Crypto Hacks
Reuters shared how hackers stole $613 million from the Poly Network in August 2021, which was the second-largest crypto heist in history, causing a loss of €572.64 million. Hackers used token-swapping and the exploitation of Poly Network blockchain technology vulnerabilities. The infamous crypto heist hacker returned €242.82 million.
Another hacker stole over €532 million ($570 million) from Binance Bridge in October 2022 using a BSC token hub to exploit a vulnerability in cross-chain bridging services. Hackers forged arbitrary messages to overcome the proof validations. Still, many of the largest crypto heists in history don't come near the Bybit digital heist in 2025.
Here are more of the biggest heists in the crypto industry over the last few years:
Ronin's $615 million crypto heist cost the Ronan Network and clients €573.85 million in March 2022 after cyber attackers used Axie Infinity to steal digital assets.
The BBC reported on the Coincheck crypto heist that cost clients and the blockchain network €498.38 million ($534 million) in January 2018.
FTX was hacked for at least $650 million or €606.71 million in November 2022. The insolvent FTX cryptocurrency exchange took a final hit before the ship sank.
North Korea Used an Unprecedented Laundering Process with New Obfuscation Techniques
A recent public service (PSA) announcement from the Federal Bureau of Investigations (FBI) stated that TraderTraitor actors with ties to North Korea and the Lazarus Group pulled off the Bybit hack. The group has rapidly converted many stolen digital assets into Bitcoin and other virtual tokens spread across multiple unknown addresses and blockchains.
TRM Labs has also launched a dedicated tracking entity called Bybit Exploiter in February 2025 to aid the FBI and other blockchain forensic teams in finding the laundered crypto. North Korea has implemented new laundering strategies, funneling €149.58 million ($160 million) worth of illicit funds through multiple channels within the first 48 hours.
The North Korean hackers implemented a sophisticated attack, laundering digital assets through a range of intermediary wallets using decentralised crypto exchanges and cross-chain bridges to obfuscate the transaction trail, delaying how law enforcement agencies and tracking entities locate the malicious transactions.
A recent report on DPRK Cyber Activity and Cryptocurrency Theft also shows how North Korean hackers have shifted laundering tactics using cross-chain bridges, evolving strategies for high-profile cryptocurrency thefts, intending to fund illicit activities like ballistic missile programs with access to offline storage at an unknown address.
Other forensics experts aim to track the fraudulent transactions and manipulation of illicit funds after the Lazarus Group pulled off the greatest heist on the Bybit Dubai-based exchange before the hackers could cash out the assets. Still, Bybit confirms security integrity amid safe wallet incidents, promising safe alternatives for the hardware wallet.
The FBI provided definitive proof that the Lazarus Group and North Korea exploited intelligence gaps and the future of finance on blockchain networks. The analytical insights reveal shocking losses and security threats to client data protection. The analysis of hacks also showcases how North Korea stands its ground for the biggest crypto heists to date.
Social engineering hacks require stronger protections to prevent the largest theft from bad actors on centralized and decentralized exchanges. Invest in protecting crypto assets from unauthorised access using artificial intelligence and other cutting-edge solutions.
Contact us to get in touch with our experts.
