Bybit Traces $960M After Historic Crypto Hack

Bybit CEO Ben Zhou revealed that 68.5% of the $1.4 billion stolen from the exchange remains traceable, amounting to approximately $960 million. However, over a quarter of the funds $386 million have already been lost to anonymity-enhancing techniques.

Zhou shared in a post on X how the untraceable assets were channeled through privacy tools and obfuscation architectures like Bitcoin mixers and cross chain bridges to be cumulated in P2P and OTC platforms.

Lazarus Group Behind $1.2B Crypto Attack

The attack was initiated by an open source privacy mixer named Wasabi, which was employed through the Tor network, and the group then routed the assets through other crypto-anonymity solutions, including CryptoMixer, Tornado Cash, and Railgun, Zhou said, pointing to the North Korean Lazarus Group as the prime suspect behind the attack.

Zhou claimed that the hackers turned 84.4% of the stolen assets worth about $1.2 billion into Bitcoin from Ethereum. Through transactions distributed over and more than 35,000 wallets, this was done using THORChain, a decentralized liquidity protocol. Up till now, Bybit has managed to freeze only 3.8% of the stolen crypto.

Bybit Reclaims 7% Market Share Post-Attack

The magnitude of the attack may indicate that Bybit has surprisingly quickly recovered from it. Since then, the exchange has joined forces with Zodiac Custody, a crypto custodian for institutions, to boost its security and prepare for any future threats. On April 10, Bybit has taken the 7% of the market share back, remaining a resilient player the field.

Bybit is now one of the two biggest cryptocurrency exchanges, currently having a daily volume of over $1.9 billion, checking in behind Binance, according to CoinMarketCap. Its user base is turning positive again with 3.5 million visits per week.

To try to retrieve the stolen funds and disrupt operations of Lazarus Group, Bybit began a major bug bounty program offering a $140 million reward equating to 10% of the stolen sum. It’s gathered more than 5,400 reports, but only 70 have been rated as real leads.

Bybit’s response as the investigation continues also offers a glimpse of how large crypto platforms would likely cope with massive breaches in an age with more complex cyber threats.