A significant portion (20%) of the stolen assets, as reported by the Bybit CEO, remains undiscovered or unaccounted for, possibly hidden within illicit circles.

A significant portion (20%) of the stolen assets, as reported by the Bybit CEO, remains undiscovered or unaccounted for, possibly hidden within illicit circles.

Uncovering Bybit Hack: An In-depth Look

The infamous Bybit hack of February 2025 resulted in a whopping $1 billion in Ether being swiped, primarily liquid-staked Ether (STETH), Mantle Staked ETH (mETH), and other ERC-20 tokens.

Currently, the crypto community is holding its breath as Bybit attempts to regain control, with the upcoming weeks being vital for freezing the funds. Concerns arise as the pilfered coins will likely start being "cleaned" on exchanges, OTC, and P2P platforms, as highlighted by none other than Bybit CEO.

In the aftermath of the heist, the hackers predominantly employed THORChain to swap Ethereum for Bitcoin. A significant chunk—72% of the loot, approximately $900 million worth of ETH—passed through a cross-chain protocol Bybit can monitor.

A DEX called ExCH became the conduit for 16% of the funds, amounting to around $160 million. Meanwhile, $100 million (8% of the losses) were routed via the OKX Web3 Wallet proxy, with around 80% of the stolen amount traceable by Bybit's analysts. information on the remaining 23,553 ETH or $65 million is currently elusive, requiring the expertise of specialists from the associated wallet.

Zhou, Bybit's CEO, sheds light on the current status of their bounty program. Eleven participants, including the Mantle and Paraswap teams and on-chain analyst ZachXBT, have joined forces to freeze part of the stolen funds. The total payout amounting to $2.18 million in USDT was issued.

The FBI has confirmed the involvement of the North Korean cybercriminal group, TraderTraitor (also known as Lazarus Group, APT38, BlueNoroff, and Stardust Chollima) in the Bybit hack. Cryptopunk Adam Back characterized the flawed EVM design as the root cause of the exchange hack.

However, analysts from Sygnia reported that the incident occurred due to a vulnerability in the Safe infrastructure. Despite Binance founder Changpeng Zhao's criticism of the wallet developer's report on the Bybit hack, Bybit has actively restructured its security, now boasting ISO/IEC 27001 certification for information security risk management, enhanced data security, and additional security measures. For example, they've carried out nine security audits within a month of the hack, leading to over 50 new security measures being implemented.

In the context of the Bybit hack, the hackers used THORChain to convert the stolen Ethereum into Bitcoin, but a significant portion, approximately 72% worth around $900 million, was tracked through a cross-chain protocol that Bybit can monitor. The ongoing bounty program led by Bybit's CEO, Zhou, has brought together eleven participants, including experts like ZachXBT, to freeze part of the stolen funds, totaling $2.18 million in USDT so far.

Read also: