Hackers carried out the largest cryptocurrency heist ever on Feb. 21, stealing $1.5 billion in Ethereum from Bybit Fintech Ltd., the world’s second-largest crypto exchange. The attack was later linked to North Korean-backed Lazarus Group. The breach sent panic through the crypto industry, raising serious questions about security flaws and whether exchanges are doing enough to protect investor funds.

Bybit CEO Ben Zhou unknowingly approved a transaction that gave hackers full access to one of the exchange’s accounts. The attackers took advantage of a security flaw in Bybit’s system, specifically its use of Safe, a free storage software that was not built to protect billions in assets. Cybersecurity experts slammed Bybit, arguing that the breach “should never have happened” and emphasizing the company’s failure to implement stronger security measures.
The hack triggered panic across the crypto market. Bitcoin’s price plunged 20%, marking its sharpest drop since FTX’s collapse in 2022. Within hours, investors rushed to withdraw $10 billion from Bybit, fearing further losses. To keep the business from collapsing, Bybit borrowed $280 million from other crypto firms, including Bitget and Antalpha, which helped stabilize the exchange.
Bybit’s failure to act on security concerns made the situation worse. Three months before the breach, company officials noticed compatibility issues between Safe and their security systems but neglected it. Acknowledging that the company’s inaction contributed to the disaster, Zhou later admitted, “We should have upgraded and moved away from Safe.”

The Lazarus Group, responsible for over $6 billion in stolen crypto since 2016, quickly laundered the funds through a network of wallets. The FBI reported that the hackers had converted most of the stolen Ethereum into Bitcoin to cover their tracks. This attack underscores the ongoing security flaws in the crypto industry, leaving exchanges vulnerable to cybercriminals.
Bybit managed to survive, processing all withdrawals within 12 hours and using its reserve funds to replace lost assets in just three days.

However, the damage was done and Bybit’s market share fell from 12% to 8%, with investors quickly pulling their funds out. Some customers never came back, proving that even if an exchange recovers its money, regaining trust is a lot harder.
The Trump administration, which has taken a crypto-friendly approach, is preparing to host a crypto summit with industry leaders. Executives are pushing for fewer regulations, but this attack is a clear sign that improving security should be the main priority.

Crypto exchanges operate like banks but without the same level of oversight. Traditional financial institutions must follow strict security measures, while many crypto firms prioritize convenience over protection.

The Bybit hack proves that without better security, the industry remains vulnerable to billion-dollar heists that shake investor confidence and destabilize the market. If crypto is the future of finance, then exchanges need to start protecting it.