Bybit Hack Tied to $2B in North Korean and Iranian Financial Flows

The Bybit cryptocurrency exchange was exploited in February 2025, resulting in the theft of approximately $1.5 billion worth of ether. Investigators have linked this hack to North Korea's Lazarus Group, which is known for state-sponsored cybercrime. The stolen funds were reportedly funneled through Bybit, allegedly aiding Iran in circumventing US sanctions. While the FBI confirmed North Korea's involvement, Iran's role remains unverified by credible sources. The hack is part of a broader trend of significant crypto thefts, with over $3.4 billion reported in 2025 alone. Bybit has stated it prohibits service to Iranian users, but this did not prevent the misuse of its platform. The implications of this incident could affect market perceptions and regulatory responses in the cryptocurrency sector.

Key Points: • Bybit was hacked in February 2025, resulting in a $1.5 billion theft linked to North Korea. • The stolen funds were allegedly used by Iran to evade US sanctions, though this involvement is unconfirmed. • The incident highlights ongoing security vulnerabilities in cryptocurrency exchanges and the scale of crypto thefts.