Why trust Greenbot
Dubai-based cryptocurrency exchange Bybit weathered a $6.1 billion withdrawal storm this weekend after replacing $1.5 billion in stolen Ethereum (ETH) from last week’s historic hack.
CEO Ben Zhou confirmed that Bybit “has already fully closed the ETH gap” through a combination of loans, whale deposits, and direct purchases. The exchange bought 157,660 ETH worth $437.8 million from major crypto firms, including Galaxy Digital, FalconX, and Wintermute.
“Bybit is again back to 100% 1:1 on client assets through Merkle tree,” Zhou posted on X. The exchange plans to release an audited proof-of-reserves report soon.
The exchange’s total assets previously dropped from $16.9 billion to $10.8 billion as customers rushed to withdraw funds. Roughly 70% of Bybit’s client Ethereum holdings were compromised in the initial attack.
Blockchain analytics firm Lookonchain estimates Bybit recovered about 446,870 ETH, approximately 88% of the stolen amount, through various financial maneuvers. The exchange secured additional Ethereum worth $304 million from centralized and decentralized exchanges.
The attack exploited vulnerabilities in Safe’s smart contract wallet interface during a routine transfer. Safe temporarily suspended its wallet functions while investigating the breach, complicating Bybit’s initial response.
“We know the cause is definitely around the Safe cold wallet. Whether it’s a problem with our laptops or on Safe’s side, we don’t know,” Zhou explained to Bloomberg.
Rob Behnke, co-founder of blockchain security firm Halborn, dubbed the ByBit attack as the “largest incident ever, not just crypto.”
On-chain analysts have linked the sophisticated attack to North Korea’s Lazarus Group. Bybit has launched a $140 million bounty program to gather information about the massive cyberattack.
Ether prices dropped 8% post-hack, while Bitcoin fell 5%. Ethena Labs’ USDe stablecoin briefly depegged to 0.98 USD amid panic. Analysts attributed the market dip to short-term uncertainty rather than systemic risk.
The rapid recovery demonstrates unprecedented resilience in cryptocurrency’s biggest crisis to date. Previous major hacks, like Poly Network’s $611 million loss in 2021, took months to resolve.
