On February 21st 2025, approximately $1.46 billion in cryptoassets were stolen from Bybit, a Dubai-based exchange. Initial reports suggest that malware was used to trick the exchange into approving transactions that sent the funds to the thief.

This is by far the largest crypto heist of all time, dwarfing the $611 million stolen from Poly Network in 2021 (the vast majority of which was eventually returned by the hacker). In fact, this incident is almost certainly the single largest known theft of any kind of all time, a record previously held by Saddam Hussein, who stole $1 billion from the Iraqi Central Bank on the eve of the 2003 Iraq War.

Elliptic has attributed the Bybit theft to North Korea’s Lazarus Group, based on various factors, including our analysis of the laundering of the stolen cryptoassets. North Korea-linked actors have stolen over $6 billion in cryptoassets since 2017, with the proceeds reportedly spent on the country’s ballistic missile program. Lazarus Group has developed a powerful and sophisticated capability not only to breach target organisations and steal cryptoassets, but also to launder these proceeds through thousands of blockchain transactions.

Following this theft, Elliptic has been working around the clock with Bybit, cryptocurrency service providers and fellow investigators to trace the stolen funds and to prevent them from being cashed out.