Bybit Technology

Dubai-based cryptocurrency exchange Bybit Technology encountered a significant cyber incident perpetrated by the North Korean hacking collective Lazarus Group, leading to the loss of $1.5 billion worth of Ethereum in the largest cryptocurrency heist to date. In response to the breach, Bybit announced a bounty program offering up to $140 million for assistance in recovering the stolen assets. Additionally, Bybit aims to launch the 'HackBounty platform' to tackle similar cybersecurity threats industry-wide. The attack unfolded through the compromise of multisig wallet platform SafeWallet's cloud accounts and subsequent manipulation of its JavaScript code. While vulnerabilities in SafeWallet's smart contracts or frontend code were not reported, Bybit's substantial financial loss and subsequent initiatives underscore the serious repercussions of the heist.

Source: https://www.scworld.com/brief/bybit-introduces-bounty-program-as-more-details-on-record-breaking-breach-emerge

"id": "byb525022725",
"linkid": "bybitexchange",
"type": "Breach",
"date": "2/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"