Bybit suffered the largest cryptocurrency theft in history last night, losing approximately $1.4 billion in Ethereum and related tokens. Current situation Bybit has confirmed the hacker attack and quickly taken measures to ensure the security of user funds and the normal operation of withdrawal functions. Has the problem been resolved From the user's perspective, the issue has been resolved and Bybit is covering the losses with reserves; But the hacker investigation and fund recovery are still ongoing. Solution method Bybit borrows from Ethereum to support withdrawals, increase stablecoin liquidity, and collaborates with top on chain analytics institutions to track down hackers. background Bybit， The world's leading cryptocurrency exchange discovered on February 21, 2025 that its Ethereum cold wallet had been hacked, resulting in losses of up to $1.4 billion. This is one of the largest theft cases in the history of cryptocurrency, shocking the entire industry. Current progress Bybit quickly took action to ensure the safety of user funds, including borrowing ETH to support withdrawals, and increasing the liquidity of USDT and USDC. They are also working with on chain analytics providers to track stolen funds and have reported the case to relevant authorities. At present, withdrawal requests are being processed normally and are expected to be completed within 30 minutes. Unexpected details Hackers may be the Lazarus Group in North Korea The investigation shows that the hackers may be the Lazarus group in North Korea, which increases the international complexity of the case. Detailed report The Bybit coin theft incident last night has attracted widespread attention, involving losses of approximately $1.4 billion in Ethereum (ETH) and related tokens. This report will elaborate on the progress of the incident, the resolution situation, and related measures, striving to comprehensively cover all details. Event Overview According to multiple reports, Bybit discovered on February 21, 2025 that its Ethereum cold wallet had been hacked, resulting in a loss of up to $1.4 billion. This is one of the largest theft cases in the history of the cryptocurrency industry, involving assets such as 401347 ETH, 90000 stETH, 15000 cmETH, and 8000 mETH. Preliminary analysis shows that hackers used complex phishing attacks and social engineering techniques to disguise signature interfaces, tamper with smart contract logic, and steal funds. Progress status After the incident, Bybit quickly took action to ensure the safety of user funds and maintain normal operations. The following are specific measures: Financial Security: Bybit CEO Ben Zhou stated on X that even if losses cannot be recovered, the exchange still has the ability to cover them, as user assets are backed 1:1. This means that Bybit will offset losses from its reserves to ensure that users are not affected. • Liquidity support: Bybit borrows ETH to support user withdrawals and increase the liquidity of USDT and USDC to ensure the normal operation of the trading platform. According to Bybit's X post, in the past 12 hours, they have collaborated with industry partners to enhance liquidity. Withdrawal processing: Bybit announced that all pending withdrawal requests will be processed as soon as possible, expected within 30 minutes, indicating that operations have returned to normal. • Investigation and Recovery: Bybit has reported the case to relevant authorities and is working with on chain analytics providers such as ZachXBT and Arkham Intelligence to attempt to trace stolen funds and identify relevant addresses. According to reports, ZachXBT has submitted evidence suggesting that the Lazarus Group in North Korea may be the mastermind behind it Has the problem been resolved From the user's perspective, the problem has been basically resolved, as Bybit promises to cover losses with reserves to ensure the safety of user funds and that withdrawals are not affected. However, from Bybit's own perspective, the problem has not been fully resolved, the stolen funds have not been recovered, and the hacker's identity and attack methods are still under investigation. The market reaction also showed that the ETH price fell by about 3% after the event, reflecting the industry's concerns about security. After the incident, there was volatility in the cryptocurrency market, with ETH prices dropping by about 3% and a total of approximately $70 billion flowing out of Bybit. There has also been discussion within the industry about the security of centralized exchanges, with some investors calling for a possible ETH network rollback. Unexpected details Surprisingly, the hackers may be related to the Lazarus group in North Korea, which not only increases the international complexity of the case but may also trigger broader geopolitical discussions. ZachXBT's investigation shows that hackers conducted test transactions before the attack, demonstrating a high level of professionalism. conclusion In summary, the Bybit coin theft incident last night has been preliminarily controlled, the security of user funds has been guaranteed, and the withdrawal function is running normally. But the recovery of stolen funds and the final conviction of hackers are still ongoing. Bybit's response measures include covering losses with reserves, borrowing ETH to increase liquidity, and collaborating with analysis institutions to investigate, ensuring the continuity of operations.