The Bybit hack made Kim Jong Un crypto's most influential in 2025

Cryptocurrency speech Bybit suffered a $1.4 cardinal hack successful February 2025 that exposed structural weaknesses successful custody systems agelong considered manufacture standards, specified arsenic acold retention and multisignature wallets.

At the time, the exploit was the largest known hack successful crypto history, though that favoritism was aboriginal eclipsed by findings that Chinese mining excavation LuBian mislaid $3.5 cardinal successful 2020.

“The [Bybit] hack showed that acold retention and multisig labels are meaningless if the support flow, transaction visibility, oregon signer situation tin beryllium manipulated,” said Ishai Shoham, caput of merchandise astatine crypto infrastructure institution Utila. “After Bybit, custody architecture became a first-order hazard topic, not a back-office detail.” 

The incidental besides prompted the Financial Action Task Force (FATF) to impulse planetary regulators to code illicit concern risks successful cryptocurrencies, portion exchanges tightened transaction support processes and raised the modular for however breaches are detected and handled.

Private cardinal hacks are liable for large losses for centralized services. Source: Chainalysis

What is FATF and wherefore does it matter?

The FATF is an intergovernmental assemblage that sets standards connected wealth laundering and violent financing. Its recommendations are not legally binding, but its members are expected to abide by its standards. For non-members that autumn short, inclusion connected the FATF grey database could bounds entree to assistance and harm banking relationships.

In a June 2025 report, the FATF cited the Bybit hack arsenic the largest crypto theft ever. It warned that crosschain activity, stablecoins and uneven planetary enforcement were amplifying illicit concern risks faster than existing controls could incorporate them.

FATF called connected jurisdictions to tighten licensing and measure risks associated with overseas exchanges. Source: FATF

“The lawsuit highlights persistent gaps successful the Travel Rule and successful enforcement. Once funds determination into DeFi, it becomes hard to forestall layering and wealth laundering, peculiarly arsenic automation tools marque these processes faster and easier,” Joshua Chu, plus betterment lawyer and co-chair of the Hong Kong Web3 Association, told Cointelegraph.

Related: From Sony to Bybit: How Lazarus Group became crypto’s supervillain

FATF urged jurisdictions to accelerate licensing, supervision and planetary coordination, framing the incidental arsenic grounds that weaknesses successful custody and transaction oversight present airs systemic risks to the planetary fiscal system. Like the US Federal Bureau of Investigation and countless information experts, FATF linked the exploit to hackers tied to North Korea.

Blockchain sleuth ZachXBT was the archetypal to officially nexus Lazarus Group to the Bybit hack. Source: Arkham

“If you inquire who the astir influential idiosyncratic successful crypto was successful 2025, I would accidental Kim Jong Un. Despite the governmental attraction connected crypto authorities and standards alignment, what dominated the FATF study was the Bybit hack.”

Around the aforesaid time, Singapore tightened its licensing regime, ordering unlicensed crypto firms to either obtain permits oregon permission the market. While Singapore drew astir of the headlines, regulators successful countries specified arsenic Thailand and the Philippines were pursuing akin enforcement campaigns.

Custody information and laundering assumptions interruption down

The industry’s knowing of some custody information and illicit money movement shifted pursuing the Bybit hack.

Shoham said the breach made wide that the superior weaknesses were nary longer cryptographic.

Related: Are you a freelancer? North Korean spies whitethorn beryllium utilizing you

“Once funds permission a compromised wallet, attackers tin atomize and recompose worth crossed chains faster than quality effect cycles,” helium said.

This displacement changed the industry's position from treating mixers arsenic the superior menace to recognizing that decentralized routing infrastructure itself enables large-scale, automated theft.”

The Bybit hack besides reignited a long-running statement implicit crosschain infrastructure and the responsibilities of decentralized protocols. As stolen funds moved crossed chains, attraction erstwhile again turned to routing networks specified arsenic THORChain and eXch, which person been used by attackers to swap assets without relying connected centralized intermediaries.

THORChain measurement spiked arsenic Bybit hackers moved funds. Source: THORChain Explorer

Supporters of decentralized models argued that specified protocols are neutral infrastructure, designed to run without discretion oregon gatekeeping. Critics countered that their architecture makes them uniquely charismatic for laundering ample volumes of stolen assets, peculiarly erstwhile combined with automation and fragmented liquidity crossed chains.

Some swappers similar eXch ended up shutting down not agelong aft the hack. 

Bybit sets caller standards for situation response

The Bybit hack crystallized a broader displacement successful however the manufacture approaches some custody and compliance. As crosschain question accelerates and static controls autumn short, exchanges and infrastructure providers are progressively expected to use governance astatine the level of transaction behaviour alternatively than trust solely connected address-based restrictions.

For Bybit, the $1.4 cardinal breach could person marked the opening of a prolonged collapse. Given the exchange’s size, aboriginal fears centered connected the anticipation of an FTX-like contagion that could person triggered different industry-wide downturn conscionable arsenic markets were recovering.

Instead, the exchange’s effect acceptable a antithetic precedent. CEO Ben Zhou appeared publically passim the incident, hosting livestreams to update users connected betterment efforts. Rather than halting withdrawals, a communal reflex during crises, Bybit kept them open and sourced Ether from spouse exchanges to conscionable contiguous lawsuit demand.

That attack has since influenced however different platforms hole for and respond to large breaches. 

Withdrawal freezes are nary longer the default response, and real-time connection has go a baseline expectation. Despite the standard of the hack, Bybit remains 1 of the largest exchanges globally and often ranks arsenic the second-largest level by regular trading volume.

Magazine: Big questions: Would Bitcoin past a 10-year powerfulness outage?