Bybit, one of the world’s leading cryptocurrency exchanges, has successfully recovered from a massive $1.4 billion hacker attack, using a mix of loans, large investor deposits, and Ethereum (ETH) purchases. The recovery, confirmed through blockchain data from analytics firm Lookonchain, reassures users that the platform is now financially stable.
Following the hack, which targeted Bybit’s multisignature cold wallet, the exchange took swift action to fill the financial gap. Bybit CEO Ben Zhou announced that the company has “fully closed the ETH gap” and is preparing to release an audited proof-of-reserves report to verify that client funds are secure.
According to Lookonchain, Bybit purchased 266,694 ETH worth around $742 million to restore its reserves. The exchange received a total of 446,870 ETH, valued at approximately $1.23 billion, from multiple sources, including direct purchases, whale deposits, and loans.
Several large investors and institutions played a crucial role in helping Bybit recover from the attack. A single address, likely an over-the-counter buyer, transferred 157,660 ETH (about $437.8 million) to the exchange. Another 109,033 ETH ($304.1 million) came from an entity that sourced ETH from both centralized and decentralized exchanges.
Crypto exchange Bitget contributed 40,000 ETH ($106 million), while MEXC provided 12,653 stETH ($33.9 million). Additionally, other unidentified addresses sent large amounts of ETH, including one that transferred 22,609 ETH ($61.9 million) and another that sent 20,000 ETH ($53.7 million). Venture capital firms also participated, with Mirana Ventures and a possible Fenbushi Capital-linked entity each sending 10,000 ETH ($28 million). Smaller contributions came from users such as “@yuchao” (2,499 ETH) and DWF Labs (2,200 ETH).
Also Read:
- Bybit Loses $1.4 Billion to Hackers in Largest Crypto Theft Ever
- Apple Unveils iPhone 16e, Pre-Orders Begin February 21
Bybit’s aggressive ETH purchases not only stabilized its reserves but also had a positive effect on the Ethereum market. Following the exchange’s actions, the price of ETH rebounded by 6%, recovering from a previous decline caused by the hack.
The attack on Bybit is believed to be linked to the notorious North Korean state-backed hacker group, Lazarus. Blockchain investigator ZachXBT discovered that the hackers used the same on-chain addresses to transfer stolen funds from both the Bybit attack and a recent breach at another exchange, Phemex.
Lazarus has been responsible for multiple large-scale cryptocurrency thefts in the past, using sophisticated tactics to launder stolen funds. The group is known for merging stolen assets from different attacks, making it harder for authorities to track the funds.
To restore user confidence, Bybit is set to release a new proof-of-reserves report that will confirm all client assets are backed 1:1. The report, based on a Merkle tree verification system, will provide transparency and security assurances.
Bybit’s CEO Ben Zhou reassured users, stating, “Bybit is again back to 100% 1:1 on client assets through the Merkle tree. The audited report will be published very soon.”