Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack


Cryptocurrency exchange Bybit has officially confirmed a massive security breach, revealing that a sophisticated cyber-attack led to the theft of over $1.46 billion in cryptocurrency. This incident, targeting an Ethereum (ETH) cold wallet, is now recorded as the largest single cryptocurrency heist in history.

The Sophisticated Attack Mechanism

According to Bybit's technical team, the attackers employed a "sophisticated smart contract manipulation." When the exchange attempted a routine transfer from its Multisig Cold Wallet to a Warm Wallet, the attackers masked the signing interface. While the admin saw the correct destination address on their screen, the underlying smart contract logic had been altered to redirect the funds to the hacker's address.

"The attacker was able to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address," Bybit stated in an official post on X.
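The mismatch described above, where the screen shows one destination while the signed payload says another, can only be caught by decoding the bytes the signer is about to approve, independently of the interface. The following is an added example, not Bybit's code or any wallet vendor's: the four-word payload layout, the operation encoding, the addresses and the function names are all assumptions made for illustration.

```python
# Added example. Assumed, simplified payload layout (four 32-byte words, then
# length-prefixed data): to | value | data offset | operation.
CALL = 0  # assumed encoding: 0 = plain call

def word(raw, i):
    """Return the i-th 32-byte word of the payload."""
    w = raw[32 * i:32 * (i + 1)]
    if len(w) != 32:
        raise ValueError("payload truncated")
    return w

def decode_payload(hex_payload):
    """Decode the fields the signer actually commits to."""
    raw = bytes.fromhex(hex_payload[2:] if hex_payload.startswith("0x") else hex_payload)
    to_word = word(raw, 0)
    offset = int.from_bytes(word(raw, 2), "big")
    length = int.from_bytes(raw[offset:offset + 32], "big")
    data = raw[offset + 32:offset + 32 + length]
    if len(raw) < offset + 32 or len(data) != length:
        raise ValueError("data field truncated")
    return {"to": "0x" + to_word[12:].hex(),
            "value": int.from_bytes(word(raw, 1), "big"),
            "operation": int.from_bytes(word(raw, 3), "big"),
            "data": data}

def presign_findings(hex_payload, shown_to, shown_value, allowlist):
    """Compare the decoded payload with what the signing UI displayed."""
    tx, findings = decode_payload(hex_payload), []
    if tx["to"] != shown_to.lower():
        findings.append("destination differs from address shown in UI")
    if tx["to"] not in {a.lower() for a in allowlist}:
        findings.append("destination is not an approved warm wallet")
    if tx["value"] != shown_value:
        findings.append("amount differs from amount shown in UI")
    if tx["operation"] != CALL:
        findings.append("operation is not a plain call")
    if tx["data"]:
        findings.append("plain transfer carries unexpected calldata")
    return findings

def build(to_hex, value, data, operation):
    """Build a constructed sample payload (not a real transaction)."""
    head = (bytes(12) + bytes.fromhex(to_hex[2:]) + value.to_bytes(32, "big")
            + (128).to_bytes(32, "big") + operation.to_bytes(32, "big"))
    body = len(data).to_bytes(32, "big") + data + bytes(-len(data) % 32)
    return "0x" + (head + body).hex()
WARM, OTHER = "0x" + "aa" * 20, "0x" + "bb" * 20  # constructed placeholders
GOOD = build(WARM, 10**18, b"", CALL)
BAD = build(OTHER, 0, b"\xde\xad\xbe\xef", 1)
```

Run on a machine separate from the one rendering the signing interface, an empty findings list means the payload matches what the signer was shown; any finding should block the signature.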

The Lazarus Group Connection

Leading blockchain security firms, including Elliptic and Arkham Intelligence, have analyzed the on-chain movement and linked the patterns to the Lazarus Group, a notorious state-sponsored hacking unit from North Korea. The group is responsible for a significant portion of global crypto thefts and is estimated to have stolen over $1.34 billion in 2024 alone, prior to this heist.

Comparison of Major Crypto Heists:

  • Bybit (2025): $1.46 Billion
  • Ronin Network: $624 Million
  • Poly Network: $611 Million
  • BNB Bridge: $586 Million

Expert Analysis & Industry Impact

Independent researcher ZachXBT has also linked this incident to the recent Phemex hack, suggesting a coordinated campaign against major exchanges. Google-owned Mandiant warns that as organizations adopt Web3 technologies, the attack surface for such lucrative rewards is expanding rapidly.


7 Comments

Priya Patel (22 Jan 2026, 02:41 PM)

The point about homoglyph attacks (rn vs m) is something everyone should watch out for.

Kiran Deshmukh (22 Jan 2026, 01:41 PM)

Thanks for the update on these CVEs. Very timely information!

Aravind Sharma (22 Jan 2026, 01:41 PM)

This blog is a life-saver for security researchers. Detailed and concise.

Tanuja Mishra (22 Jan 2026, 11:41 AM)

Very insightful post! This really helps in understanding modern threats.

Tanuja Mishra (22 Jan 2026, 02:41 AM)

Cybersecurity is becoming so complex in 2026. Thanks for simplifying it.

Arjun Saxena (21 Jan 2026, 09:41 PM)

Never knew about LOTS strategy before reading this. Very informative.

Megha Kapoor (21 Jan 2026, 05:41 PM)

Thanks for the update on these CVEs. Very timely information!