Cryptocurrency exchange Bybit has experienced significant asset outflows exceeding $5.5 billion after suffering a major security breach. The attack, reportedly orchestrated by North Korea’s Lazarus Group, resulted in the loss of approximately $1.5 billion from the exchange’s ether cold wallet.
According to data from DeFiLlama, Bybit’s total assets dropped from around $16.9 billion to $11.2 billion following the breach. In response, the exchange has launched an investigation to determine the specifics of the attack.
During a session on X Spaces, Bybit CEO Ben Zhou disclosed that immediately after the breach, he initiated an emergency response, mobilizing all available resources to process client withdrawals and address inquiries. Zhou confirmed that the hackers managed to steal roughly 70% of the ether held on behalf of clients, necessitating swift action to secure a loan and ensure withdrawal requests could be met.
Despite the severity of the attack, Zhou noted that ether was not the most withdrawn asset. Instead, the majority of users opted to withdraw stablecoins, prompting a further liquidity challenge for the exchange. While Bybit has reserves to cover these withdrawals, complications arose when Safe—a decentralized custody protocol that provides smart contract wallets—temporarily shut down its functionalities as a precautionary measure.
Safe’s decision impacted Bybit’s ability to access $3 billion worth of USDT stored in its wallet, adding another layer of complexity to the crisis. On social media, Safe clarified that while no evidence suggested its official frontend had been compromised, it had decided to disable certain features to reinforce security.
With withdrawals surging, Bybit’s team worked urgently to regain access to the locked funds. Zhou revealed that within just two hours of the attack, withdrawal requests had already surpassed $100 million, further intensifying the pressure on the exchange.
