In pictures: Bybit’s record-breaking $1.4B hack

Cryptocurrency exchange Bybit has fallen victim to the largest hack in history, with North Korea’s state-sponsored hacking group Lazarus identified as the prime suspect behind the over $1.4 billion exploit on Feb. 21.

Despite the severity of the breach, Bybit opted for an unconventional crisis management approach by keeping withdrawals open and honoring all user transactions. CEO Ben Zhou appeared on camera to address concerns, assuring users that the exchange had sufficient funds to cover all withdrawals. 

He also stated that Bybit was securing immediate liquidity through external support rather than purchasing Ether (ETH) outright.

Onchain data showed Bybit receiving approximately 100,000 ETH of inflows from crypto exchanges Binance and Bitget soon after the hack. Binance co-founder and former CEO Changpeng Zhao stated that the funds linked to Binance were not from the exchange itself but likely from large investors providing loans to Bybit. 

Related: Bybit hack, withdrawals top $5.3B, but ‘reserves exceed liabilities’ — Hacken

Meanwhile, Bitget CEO Gracie Chen confirmed that the inflows from her platform are its own. In a statement to Cointelegraph, Chen said that Bitget has blacklisted the hacker’s wallets and “will block any transactions flowing in from illicit addresses to the exchange once it has been monitored.”

“Our team of security and researchers are currently tracking these activities,” she said.

Bybit’s assets plummet in withdrawal frenzy

A chart shared by analyst Darkfost revealed a sharp decline in Bybit’s Ethereum holdings due to the exploit, followed by a rapid recovery. 

Data from DefiLlama indicates that Bybit’s total asset balance plummeted by $2.535 billion (including the value lost to the hack), with subsequent withdrawals of $2.852 billion, bringing its reserves down to $5.387 billion.

The hack primarily affected Ethereum and related tokens, though the exchange also saw a big drop in its Bitcoin (BTC) balance in the fallout. Bybit saw an immediate drop of $246 million in BTC, followed by a $973 million decline. 

Bitcoin remains the largest asset in Bybit’s reserves, according to CoinMarketCap, followed by Tether (USDT).

Bounty to identify Bybit hacker

Data platform Arkham Intelligence launched a bounty program, offering 50,000 Arkham (ARKM) tokens to anyone who could provide verifiable evidence identifying the hacker.

Crypto investigator ZachXBT later claimed the reward, linking the Bybit exploit to the Lazarus Group. He traced an address used by the hackers to one associated with the January Phemex exploit, which saw $85 million in losses. Further analysis suggested potential connections between the Bybit attack and a past hack on BingX.

Related: ZachXBT identifies Lazarus Group as behind Bybit $1.4B hack, wins Arkham bounty

MetaMask security researcher Taylor Monahan described the incident as not only the largest hack in cryptocurrency history but potentially one of the most significant financial breaches ever recorded.

Auditor says Bybit has sufficient reserves

Bybit and Zhou have largely been praised for their communication efforts and immediate responses, including keeping withdrawals open for customers, with their team responding overnight without sleep.

There have been concerns about the exchange’s solvency, which Zhou claims is not an issue. Hacken, the auditor of Bybit’s reserves added that it confirmed user funds remain fully backed despite the hack.

Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis