6 hours ago
18
One day after losing more than $1.4 billion worth of Ethereum and related tokens in a sophisticated hack, crypto exchange Bybit said early Saturday that it will offer 10% of recovered funds—up to $140 million—to any on-chain security experts that help the firm get its assets back.
“Within 24 hours of the event, we were overwhelmed with support from some of the best people and organizations in the industry, and we do not take it for granted. We have shared in a dark moment of crypto history, and we’ve proven we are better than the malicious actors,” said Bybit co-founder and CEO Ben Zhou, in a statement.
“We want to officially reward our community who lent us their expertise, experience, and support through the Recovery Bounty Program, and our efforts to make this difficult lesson a valuable one does not stop here," he added. "Bybit is determined to rise above the setback and fundamentally transform our security infrastructure, improve liquidity, and be a steadfast partner to our friends in the crypto community."
In what's believed to be the biggest crypto hack of all time based on the value of assets at the time of the attack, more than $1.4 billion in ETH and stETH were swiped from Bybit early Friday.
The firm said that a transaction from its multi-signature Ethereum cold (or storage) wallet to its hot wallet (used for regular transactions) had been manipulated in some fashion, masking the real destination of the hackers' own wallet.
12 hr from the worst hack in history. ALL withdraws have been processed. Our withdraw system is now fully back to normal pace, you can withdraw any amount and experience no delays. Thanks for your patience and we are sorry that this has happened.
Bybit will come out with full…
— Ben Zhou (@benbybit) February 22, 2025
The investigation is still ongoing, however Arkham Intelligence said Friday afternoon that prominent pseudonymous on-chain sleuth ZachXBT had connected the hack to North Korea's Lazarus group.
In an X thread overnight, ZachXBT provided additional evidence connecting wallets used in laundering Bybit funds to other attacks believed to be executed by Lazarus, including Phemex and BingX hacks.
Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the intial theft address for both incidents.
Overlap address:
0x33d057af74779925c4b2e720a820387cb89f8f65
Bybit hack txns on Feb 22, 2025:… pic.twitter.com/dh2oHUBCvW
— ZachXBT (@zachxbt) February 22, 2025
On Friday, Paolo Ardoino—the CEO of stablecoin giant Tether—said that his firm had frozen $181,000 worth of the UDST tied to stolen Bybit funds, with the help of ZachXBT.
"Might not be much but it's honest work," Ardoino wrote on X. "We keep monitoring."
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
English (US) ·