Opinion by: Andrey Sergeenkov, researcher, analyst and writer
Crypto founders love big promises: decentralized finance, banking the unbanked and freedom from intermediaries. Then hacks happen. In some cases, billions vanish overnight.
On Feb. 21, 2025, the North Korean Lazarus Group stole $1.46 billion from Bybit. They sent phishing emails to staff with cold wallet access. After compromising these accounts, they accessed Bybit’s interface and replaced the multisignature wallet contract with their malicious version. When Bybit attempted a routine transfer, the hackers redirected 499,000 Ether (ETH) to addresses they controlled.
This wasn’t just a human error. This was a design failure. A system that allows human factors to enable a billion-dollar theft isn’t innovative — it’s irresponsible.
People are not protected
In just 10 days, the hackers converted all 499,000 ETH into untraceable funds, using THORChain as their primary channel. The decentralized exchange processed a record