Chainalysis announced it is investigating the $1.5 billion Bybit hack, the largest cryptocurrency heist in history, and has linked the attack to North Korea-affiliated cybercriminals. The announcement was made on their website on February 24.

According to Chainalysis, the $1.5 billion Bybit hack on February 21, 2025, is the largest cryptocurrency theft ever recorded, surpassing all funds stolen by North Korean hackers in 2024. The attackers used social engineering tactics to compromise Bybit’s wallet security, replacing its multi-signature implementation contract with a malicious version to execute unauthorized transfers. Chainalysis' investigation has revealed that the stolen funds were moved through intermediary wallets, swapped for other cryptocurrencies, and funneled via decentralized exchanges and cross-chain bridges to obscure their origins.

Bybit halted services in France on January 8, 2025, under pressure from the Autorité des Marchés Financiers (AMF), transferring assets to Coinhouse but resumed operations there on February 14, 2025, after exiting the regulator’s blacklist—just days before the hack. India also saw trading curbs in January due to Financial Intelligence Unit (FIU) rules, part of a pattern of regulatory friction for exchanges.

Founded in 2018 in the British Virgin Islands, Bybit has grown into a Singapore-based crypto giant handling over $20 billion in assets by 2025. It specializes in derivatives trading for assets like Ethereum and Bitcoin, serving millions globally despite setbacks like a $1.06 million Indian fine in January 2025.

Chainalysis was founded in 2014 by Michael Gronager, Jan Møller, and Jonathan Levin as a blockchain data platform headquartered in New York City. The company provides data, software, services, and research to government agencies, financial institutions, and cryptocurrency businesses to assist them in detecting and preventing illicit activity involving digital assets. Notably, Chainalysis has collaborated with law enforcement agencies to recover over $1 billion in cryptocurrencies from illegal enterprises.