The night of February 21st saw Ben Zhou, CEO of the cryptocurrency exchange Bybit, unknowingly set in motion a devastating event. While approving a seemingly standard transaction, the transfer of a significant amount of Ether, he inadvertently triggered a massive breach.
Thirty minutes later, the call came from Bybit’s CFO. The news was dire: their system had been hacked, and a colossal amount of cryptocurrency was gone. According to the F.B.I., the theft, amounting to $1.5 billion in digital assets, was orchestrated by hackers with ties to the North Korean government. This event represents the largest heist in the history of the cryptocurrency industry.
The hackers exploited a vulnerability in Bybit’s security infrastructure: its reliance on free software. Specifically, they manipulated a freely available system, developed by Safe, that Bybit used to protect customer deposits. Despite specialized security tools being available, Bybit had relied on this system for years, leaving it exposed.
The repercussions of the hack were immediate and significant, sending crypto markets into a tailspin. It also eroded confidence in the industry at a critical juncture. The crypto industry is currently lobbying for new U.S. laws and regulations that would make it easier for people to invest their savings into digital currencies, particularly as the upcoming administration under former-President Trump is expected to be crypto-friendly. A ‘crypto summit’ is scheduled at the White House on Friday with President Trump and major industry figures.
Crypto security experts were alarmed by the attack, especially considering the lax security protocols in place at Bybit. One security firm called the losses “completely preventable,” arguing that it “should not have happened.”
