The largest crypto theft in history reveals a new danger for the sector

The theft of cryptocurrencies worth 1.5 billion dollars (1.44 billion euros) from the Bybit platform has raised new doubts in the sector about the security of investments. The attack, carried out last Friday, has focused attention on cold wallets, disconnected from the system and now the target of cybercriminals.
For now, it is the largest cryptocurrency theft in history at market prices when it occurred, according to data compiled by blockchain analytics firm Elliptic. It surpasses the $620 million stolen from Ronin in 2022 and the $611 million extracted from Poly Network in 2021.
Hackers take control of wallets disconnected from the system

“What is most alarming is that even cold wallets, once considered the safest option, are now vulnerable,” said Oded Vanunu, head of product vulnerability research at Check Point Research, a cybersecurity solutions firm.
The company has acknowledged that a hacker took control of an offline wallet linked to the Ethereum blockchain, which led to the outflow of 1.5 billion. The money was first transferred to a single wallet, then dispersed into more than 40. The offline wallet contained ether and derivatives, which were converted to ether before being stolen.
The analysis firm Arkham has said that the funds are now in new addresses, from which sales are being made to convert them into cash. It says that the Lazarus group, linked to North Korea, is behind the attack. “These are experienced people, which points to a very advanced attacker,” said Shahar Madar of the security firm Fireblocks, which is involved in the investigation of the theft.
“This attack represents a shift in cybercrime within the crypto ecosystem, where attackers, instead of exploiting vulnerabilities in code, now manipulate human weaknesses,” insists Check Point.
How did it happen? According to the firm, the attackers rely on social engineering, after identifying employees who have the ability to sign transactions; “user interface manipulation”, impersonating the original; and “logical exploitation”, with misleading instructions to evade security measures. Hence, the firm points out that “more robust security is necessary”, with real-time monitoring of transactions and behavioral analysis to detect fraud before funds are stolen.
Ben Zhou, CEO of the exchange, has indicated that financing has been closed with entities and that funds have been secured to cover 80% of the losses. The company has gone out to buy ether to guarantee the transactions, with the disbursement of about 740 million dollars, according to Arkham. Part of it is needed to cover withdrawals: he assures that he has processed more than 70% of withdrawal requests after the hack. “Your funds are insured,” he assured in a live-streamed appearance on X.
The impact has been felt in the crypto market, with widespread declines this Monday, reaching around 5% in the case of ether, the cryptocurrency of Ethereum. Ether has already lost 20% so far this year.
lavanguardia