Bybit

2018-03-01

Bybit founded in Singapore by Ben Zhou, focused on cryptocurrency derivatives trading.

2022-03-01

Bybit relocates global headquarters from Singapore to Dubai, UAE, following in-principle approval from VARA.

2023-10-01

UK Financial Conduct Authority (FCA) implements new crypto promotion rules; Bybit suspends services to UK customers.

2025-01-01

Lazarus Group-linked wallets later connected to the Bybit hack conduct the $29 million Phemex hack, according to ZachXBT's on-chain investigation.

2025-02-04

A macOS workstation belonging to a Safe{Wallet} developer is compromised via suspected social engineering, initiating the supply chain attack.

2025-02-19

Malicious JavaScript is injected into the S3 bucket serving the Safe{Wallet} frontend (app.safe.global), specifically targeting Bybit's cold wallet addresses.

2025-02-21

Approximately 401,347 ETH (~$1.46 billion) is stolen from Bybit's cold wallet during a routine transfer via the compromised Safe{Wallet} interface. ZachXBT submits a detailed attribution report to Arkham Intelligence linking the attack to Lazarus Group. Lazarus-linked wallets also launch memecoin projects on Pump.fun on Solana as a laundering vector.

2025-02-24

Bybit announces it has fully replenished reserves within 72 hours, securing approximately 447,000 ETH through emergency funding from Galaxy Digital, FalconX, and Wintermute.

2025-02-26

FBI formally attributes the hack to North Korean TraderTraitor (Lazarus Group) and publishes 50 associated Ethereum wallet addresses. Security auditor Hacken simultaneously publishes a Proof of Reserves confirming Bybit's reserve ratio exceeds 100%.

2025-03-20

Bybit CEO Ben Zhou discloses that hackers converted approximately 86.29% of stolen ETH to Bitcoin and dispersed it across thousands of addresses on multiple blockchains.

2025-11-17

ICIJ publishes The Coin Laundry investigation, citing Bybit among major exchanges whose customer accounts received funds traced to international criminal organizations.