Bybit Restores 1:1 Backing After Massive Hack
Bybit has successfully returned to a 1:1 backing of client assets, recovering from a significant setback following a staggering $1.4 billion hack that struck the exchange late last Friday. The platform has managed to accumulate a total of 446,870 ether (ETH), valued at approximately $1.23 billion based on current market prices, through a combination of loans, substantial deposits, and ether purchases over the past two days, as reported by the on-chain tracking service Lookonchain in a post on X on Monday.
On-chain address activity indicates that over $400 million worth of ether was acquired through over-the-counter trading, while an additional $300 million was sourced directly from exchanges. Approximately $300 million was obtained via loans, with the remainder coming from addresses that appear to belong to various crypto funds.
Despite the apparent influx of buying activity resulting in a price increase of up to 4% over the weekend, ETH prices have since dipped by 2% in the last 24 hours, suggesting that market sentiment is still somewhat cautious.
In a statement released late Sunday, Bybit announced that all deposit and withdrawal activities had “fully recovered to normal levels,” with total deposits slightly surpassing withdrawals as of Saturday, a positive sign that reflects growing market confidence.
The attack on Friday specifically targeted one of Bybit’s offline “cold” wallets, which are generally deemed secure due to their lack of internet connectivity. The heist enabled hackers to withdraw a staggering $1.4 billion in ETH by exploiting a sophisticated technique involving a manipulated user interface (UI) and URL. This method allowed the attackers to modify the smart contract logic, effectively redirecting the funds to an undisclosed address. Subsequently, the stolen assets were fragmented across multiple wallets and exchanged on decentralized platforms.
Blockchain investigator ZachXBT has linked this high-profile breach to North Korea’s Lazarus Group, a notorious state-sponsored hacking collective known for its involvement in crypto thefts. Lazarus has been implicated in several major crypto attacks, including the infamous $600 million Ronin Network hack in 2022 and a $230 million drain from the Indian exchange WazirX in 2024.
