The crypto exchange Bybit has rebuilt almost 50% of its ETH reserve funds after crooks stole $1.4 billion from the global cryptocurrency stores. On February 21 the exchange lost $1.4 billion worth of cryptocurrencies by experiencing its largest theft in history.
Analysis from CryptoQuant at 8:52 UTC on February 23 revealed that Bybit held 201,600 ETH equalling more than 45% of its original 439,000 ETH reserve before the hack occurred. The attack ended up leaving Bybit with only 61,000 ETH of its total holdings.
Bybit Received Crypto Industry Support
Bybit received funds through help from the crypto industry and merged with other businesses afterward. Lookonchain records show that the exchange bought 106,498 ETH in OTC transactions with a market value of $295 million. Main crypto marketplaces stepped forward after Bybit’s hacking incident to make urgent funding transfers.
Big players including Binance, Bitget and Du Jun invested their funds totaling 50,000 Ether, 40,000 Ether and 10,000 ETH respectively. User trust remains strong in Bybit management because they recovered quickly from the major security breach and users keep withdrawing funds.
The platform Bybit quickly processed 350,000 withdrawal demands within a 10-hour period before closing 99.9% of the job by 1:45 UTC on February 22 as reported by CEO Ben Zhou. Bybit got $390 million of Ether as emergency financial assistance and funds transfers.
Bybit Bought 106,498 ETH in OTC Trades
It reveals that Binance and Binance-affiliated whales deposited 145,000 Ether to Bybit, $53 million came from one wallet and $127 million from multiple smaller whales. These details emerge from Lookonchain’s research. Based on DefiLlama data Bybit’s total assets dropped $5.3 billion due to hacker activity.
The company maintains more assets than liabilities according to independent audits from its proof-of-reserves auditor Hacken. Experts connect the cybercrime to the North Korean-affiliated Lazarus Group as the attackers behind the exploit.
After investigating the blockchain security companies Arkham Intelligence and ZachXBT uncovered that the North Korean hacking collective performed this breach as well as the $600 million Ronin network theft. Meir Dolev from Cyvers sees parallels between Bybit’s hacking experience with others that impacted WazirX and Radiant Capital.
In the view of Dolev the attacker gained access to Bybit’s Ethereum multisig cold wallet by using a false transaction. The hacker manipulated signers into nonchalantly authorizing a revised contract design that gave the attacker control over the wallet enabling them to redirect funds to an undisclosed recipient.
Though Bybit works on recovery from the attack it raised awareness about remaining crypto security gaps which need stronger safeguards to fight new risks.
