How the Crypto Exchange Bybit Lost $1.5 Billion to North Korean Hackers

Technology|A $1.5 Billion Hack: How the Biggest Crypto Heist in History Went Down

On the night of Feb. 21, Ben Zhou, the chief executive of the cryptocurrency exchange Bybit, logged on to his computer to approve what appeared to be a routine transaction. His company was moving a large amount of Ether, a popular digital currency, from one account to another.

Thirty minutes later, Mr. Zhou got a call from Bybit’s chief financial officer. In a trembling voice, the executive told Mr. Zhou that their system had been hacked.

“All of the Ethereum is gone,” he said.

When Mr. Zhou approved the transaction, he had inadvertently handed control of an account to hackers backed by the North Korean government, according to the F.B.I. They stole $1.5 billion in cryptocurrencies, the largest heist in the industry’s history.

To pull off the astonishing breach, the hackers exploited a simple flaw in Bybit’s security: its reliance on a free software product. They penetrated Bybit by manipulating a publicly available system that the exchange used to safeguard hundreds of millions of dollars in customer deposits. For years, Bybit had relied on the storage software, developed by a technology provider called Safe, even as other security firms sold more specialized tools for businesses.

The hack sent crypto markets into a free fall and undermined confidence in the industry at a crucial time. Under the crypto-friendly Trump administration, industry executives are lobbying for new U.S. laws and regulations that would make it easier for people to pour their savings into digital currencies. On Friday, the White House is scheduled to host a “crypto summit” with President Trump and top industry officials.

Crypto security experts said they were troubled by what the heist revealed about Bybit’s safety protocols. The losses were “completely preventable,” one security firm wrote in an analysis of the breach, arguing that it “should not have happened.”