The largest cryptocurrency theft in history has been linked to North Korean hackers, according to the U.S. Federal Bureau of Investigation (FBI).
BBC Russia reports that the hackers stole nearly $1.46 billion in Ethereum from the Bybit exchange, one of the world's biggest crypto trading platforms.
Lazarus Group Behind the Heist
The FBI identified the perpetrators as Lazarus Group, also known as APT38, BlueNoroff, and Stardust Chollima.
The cybercriminal network, believed to be backed by North Korean authorities, has stolen over $6 billion in cryptocurrency over the past several years. Intelligence agencies suspect these funds help finance North Korea’s military programs and bypass international sanctions.
The hackers struck during a cold wallet transfer, a highly secure process designed to protect assets from cyberattacks.
Despite these measures, they successfully drained approximately 401,000 Ethereum and quickly began laundering the stolen funds by distributing them across thousands of blockchain addresses.
A Bounty for Stolen Crypto
Bybit has assured users that no customer funds were affected, pledging to fully compensate anyone impacted. But the platform has gone a step further—offering a reward to anyone who helps track down the stolen money.
Bybit CEO Ben Zhou issued a public call for assistance, stating: "Join us in the war against Lazarus."
The exchange has created a bounty program, paying:
5% of the recovered amount to individuals who convince third parties to freeze stolen funds.
An additional 5% to organizations that take direct action to block the illicit transactions.
Crypto Industry on High Alert
Blockchain analytics firm Elliptic praised Bybit’s efforts, noting that skilled researchers now have a strong incentive to trace the stolen funds.
However, Keystone Law’s Louise Abbott warned that the theft could damage trust in the crypto industry, which is still recovering from previous scandals.
“If a hack of this scale can happen at the world’s second-largest exchange, it could certainly happen again,” Abbott said.
Despite Bybit’s reassurances, panic set in among investors, with over 350,000 withdrawal requests flooding the platform within 10 hours of the theft’s announcement.
Bybit’s Russian Connection
Bybit ranks as the second-largest crypto exchange globally after Binance, handling over 6% of global trading volume in January 2025. A significant portion of its traffic—about one-third—comes from Russia, where the platform remains highly popular.
Reports also suggest Bybit’s early investors included U.S. President Donald Trump and former PayPal CEO Peter Thiel.
