Hassan Maishera
TL;DR
-
Crypto exchange Bybit has recorded roughly $4 billion following its hack on Friday.
-
The company is still investigating the cause of the hack that resulted in a $1.5 billion loss.
Bybit Processes Over $4B in Withdrawals Following Hack
Bybit, one of the world's leading cryptocurrency exchanges, recorded over $5.5 billion in outflow following its $1.5 billion hack on Friday. The hackers, believed to be from North Korea’s Lazarus Group, drain Bybit’s ether cold wallet.
Data obtained from DeFiLlama revealed that the total assets tracked on wallets associated with the exchange plunged from around $16.9 billion to $11.2 billion, indicating a decline of over $5.5 billion.
The
The cryptocurrency exchange has done an excellent job in processing all client withdrawals following the hack and also responding to inquiries about what was going on.
In an X spaces session, Bybit’s CEO Ben Zhou revealed that the security breach saw the hackers make off with roughly 70% of their clients’ ether. The crypto exchange quickly processed a loan to enable it to process withdrawals. However, Zhou revealed that Ether wasn’t the most withdrawn token, with most users instead withdrawing stablecoin from Bybit.
Following the hack, Safe moved to temporarily shut down its smart wallet functionalities to ensure confidence in Bybit’s security. Safe is a decentralized custody protocol providing smart contract wallets for digital asset management. Some exchanges integrated Safe, which allows users to maintain custody of their funds and has multisig functionality to enhance the security of their cold wallets.
In a social media post, Safe said that while it had "not found evidence that the official Safe frontend was compromised," it was temporarily shutting down "certain functionalities" out of caution.
With increasing withdrawal requests, Zhou told his security team to engage Safe to “find a better way to get this money out,” as Bybit has roughly $3 billion locked with Safe. The team developed new software with code “based on Etherscan” to verify the signatures “on a very manual level” to move the stablecoins back to their wallet and cover the withdrawal surge.
Zhou revealed that the Bybit team was up all night to complete withdrawals. The CEO added that since the incident, the exchange has moved a significant amount of funds off of Safe cold wallets and is now determining what system it will use to replace Safe.
In his latest tweet, Zhou announced that Bybit has fully closed the ETH gap. He told his followers that a new audited POR report would be published very soon to show that Bybit is back to 100% 1:1 on client assets through Merkle Tree.
Latest Update: Bybit has already fully closed the ETH gap, new audited POR report will be published very soon to show that Bybit is again Back to 100% 1:1 on client assets through merkle tree, Stay tuned. https://t.co/QLa1vOujM6
— Ben Zhou (@benbybit) February 24, 2025
Bybit Could Explore the Ethereum "Roll Back" Option
Zhou revealed that Bybit had engaged authorities, and the Singaporean authorities took the issue “very seriously.” The company has also engaged Chainalysis as they continue to track the stolen funds.
According to Zhou, the crypto exchange is considering the "roll back" to the Ethereum blockchain, as several industry players had suggested. If the community agrees, Bybit could move in this direction. Zhou added that
“I had my team talking to Vitalik and the Ethereum Foundation to see if there’s any recommendations they can offer to help. I do really thank all these guys on Twitter asking if there is a possibility to roll back the chain. I’m not sure what was the response on their side, but anything that would help we would try.”
However, Zhou added that rolling back might not be a one-man decision since Ethereum is a public blockchain.
Blockchain "rollback" is a state change allowing the funds to be recovered. While rolling back the Bitcoin blockchain is technically possible, such a state change on Ethereum would be more complex, given its smart contract interactions and state-based architecture.
However, for this to happen, a consensus and a possible hard fork would be required, which could draw criticism from the Ethereum community.
The cause of the hack remains unknown. Zhou clarified that Bybit’s laptops have not been compromised.
