Here’s everything we know about Bybit’s $1.4 billion ETH hack, its Lazarus links

• Bybit lost $1.4 billion following a major ETH hack linked to the Lazarus group
• There are now calls for Vitalik Buterin to roll back the chain to help Bybit recover the funds

Bybit’s $1.4 billion Ethereum hack has been reportedly linked to the notorious Lazarus group. As expected, this triggered a withdrawal frenzy as investors exited the crypto exchange en masse.

In fact, according to Bybit’s founder and CEO Ben Zhou, the exchange saw record withdrawal requests, but they were all handled smoothly. 

“Since the hack, Bybit has experienced the most number of withdraws that we have ever seen, We have had a total number of more than 350k withdrawal requests.”

So, how was the exchange compromised, and can it retrieve the >$1 billion lost funds? 

All the details

According to the exchange, the compromise was a sophisticated attack that tricked signers into unknowingly giving control of its multi-signature (multi-sig) cold wallet. 

Source: X

About 400k ETH was siphoned from the compromised cold wallet to the attacker’s address, and split into 10k ETH chunks to several other addresses. Renowned on-chain sleuth ZachXBT has since established and linked these addresses to the North Korean Lazarus group. 

According to CryptoQuant, following the incident, Bybit’s ETH reserves sharply dropped from 443k ETH to about 39k ETH.

Source: CryptoQuant

The incident didn’t stop at ETH investors though. According to CryptoQuant analyst Dark Frost, investors also withdrew 713 BTC from the exchange as fear intensified.  

“The shadow of FTX loomed over the market, triggering a wave of fear and prompting investors to accelerate withdrawals from Bybit. This was evident in BTC, with 713 BTC withdrawn at the same time.”

Will Bybit recover the funds?

According to reports, Bybit received ETH loans from Bitget and Binance to support the withdrawal pressures amid its low ETH reserves. For example – SpotOnChain reported that Bybit received +$170M ETH loans. It stated, 

“Bybit has received $172.5M in loans from various exchanges/institutions to manage customer withdrawals in the past 7 hours, including 40,000 $ETH ($107M) from Bitget 12,652 $stETH ($33.9M) from a #MEXC’s hot wallet and 11,800 $ETH ($31.6M) from Binance’s hot wallet.”

Source: Etherscan

Worth noting, however, that this still leaves it short of the $1.2 billion in stolen funds. Bybit’s CEO, however, has maintained that the exchange is solvent and can cover all user losses. 

“Bybit is solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss.”

Even so, the main question is – Can Bybit recover the stolen funds? 

According to ZachXBT,

“Partial recovery is more common (15-30% in a good scenario?) but it’ll also be a bit harder to launder $1.46B I think depending on how patient they are.”

Some top figures like Samson Mow and Arthur Hayes have urged Ethereum’s founder Vitalik Buterin to roll back the chain to recover funds. Mow stated, 

“I fully support rolling back Ethereum’s chain (again) so the stolen ETH is returned to Bybit_Official and also to prevent the North Korean government from using those funds to finance their nuclear weapons program. It must be done Vitalik Buterin.”

At press time though, Buterin was yet to make a statement. For its part, ETH dropped by about 7%, before stabilizing at $2.68k.