The global renowned crypto exchange Bybit recently suffered an unprecedented hacker attack, with stolen funds amounting to $150 million. It is believed that the mastermind behind this incident is the notorious North Korean hacker group Lazarus Group. Facing this sudden crisis, Bybit quickly took responsive measures, including prioritizing withdrawal for retail users, adjusting the capital flow of institutional clients, and relying on the liquidity support from exchanges like Bitget, to restore full withdrawal functionality within 12 hours.

In the Space discussion hosted by media outlet Wu Blockchain, Bybit executives Shunyet Jan and CEO Ben Zhou detailed the incident process, loss situation, response measures, and future improvement plans.

($2.4B Outflow in One Night! Bybit Hack Latest: Bitget Assists with 40K ETH, Bybit Mobilizes Funds to Address the Crisis)

70% of ETH spot inventory stolen, how to resolve the liquidity crisis?

After the incident, Bybit found that the stolen funds were mainly concentrated in the ETH spot inventory, accounting for about 70% of the total. Due to the large number of users rushing to withdraw, the company had to temporarily suspend some trading and allow withdrawals in batches based on user tiers.

Shunyet Jan said that exchanges like Bitget, MXC, and market makers provided liquidity support, with some funds supplemented through lending or swapping to meet user withdrawal demands. Eventually, 12 hours after the incident, Bybit reopened all withdrawal functions, and the liquidity issue has been fully resolved.

It is worth mentioning that Bitget stood out in this assistance, not only providing a large amount of capital support, but also without requiring any collateral or interest. This spirit of industry mutual aid allowed Bybit to restore operational stability in the shortest possible time.

Hacker identity exposed, hope of fund recovery is slim

The investigation shows that the mastermind behind this attack is most likely the Lazarus Group - a North Korean hacker group that has been active in the crypto field for a long time. This group previously participated in the Axie Infinity Ronin Bridge theft incident and successfully stole $625 million.

(Axie Infinity Side Chain Ronin Exploited, 173,600 ETH and $25.5M USDC Lost)

Shunyet Jan pointed out that although Bybit and the security team are doing their best to track the stolen funds, considering Lazarus Group's past modus operandi, the possibility of recovering the funds is extremely low. Hackers usually use multiple wallets, mixing tools, and cross-chain bridges to launder the funds, making them difficult to trace and freeze.

In addition, some industry insiders have proposed whether the ETH Fork can be used to roll back the transaction, but since the stolen amount only accounts for 0.3%-0.4% of the total ETH supply, the community generally believes that such extreme measures are unlikely to be adopted. However, Bybit is still communicating with the Ethereum core team and founder Vitalik Buterin to seek possible solutions.

Bybit takes measures to restore user trust

This hacker attack not only exposed Bybit's security management vulnerabilities, but also impacted its brand reputation. Facing market doubts, Bybit executives admitted that there were deficiencies in internal processes and stated that they will make improvements in multiple aspects:

• Enhance security measures: Reevaluate wallet storage methods, optimize multi-signature management, and strengthen cold wallet security
• Optimize risk control processes: Adjust withdrawal review mechanisms and increase the security verification level for large transactions
• Strengthen transparent communication: Regularly disclose investigation progress and publish more detailed reserve proofs

Ben Zhou emphasized: "We have never encountered a hacker attack of this scale before, and this incident is a heavy lesson for Bybit. In the future, we will strive to rebuild user trust through transparent management and stricter security reviews."

CEO expresses gratitude for industry assistance

Although Bybit has suffered a heavy blow, the crypto industry has shown rare unity. Multiple exchanges, market makers, and institutional investors have lent a hand to provide liquidity support, ensuring that Bybit can quickly resume normal operations.

Ben Zhou mentioned in an interview: "This reminds me of the time after 9/11, when companies on Wall Street shared office space with their competitors. Competitors are not just competitors, but when facing common challenges, the industry needs to unite." Major crypto exchanges like Binance and OKX also proactively contacted Bybit, expressing their willingness to provide assistance, but due to the quick response from Bitget and other institutions, Bybit ultimately did not use Binance's liquidity support.

Bybit's Next Steps: Crisis Response and Future Planning

After the incident, Bybit quickly set up several investigation teams, responsible for security vulnerability analysis, liquidity management, user communication, and future improvement plans. Currently, the company has taken the following measures:

• Security investigation: Collaborating with on-chain analysis companies, SlowMist, and other security agencies to track the flow of hackers' funds and conduct in-depth analysis of the vulnerabilities in the Safe multi-signature wallet.
• Fund replenishment: Through OTC trading, borrowing, and its own capital reserves, gradually filling the $1.5 billion funding gap.
• User compensation and increased transparency: Planning to release more frequent proof of reserves and provide users with more security assurance information.

Ben Zhou also stated that in the future, Bybit will adopt stricter measures in cold wallet management, such as dividing large assets into separate storage to avoid single point of failure leading to catastrophic impact.

Can Bybit Withstand the Largest Hacking Attack in History?

This $1.5 billion cryptocurrency theft case is not only the biggest challenge facing Bybit, but also a wake-up call for the entire industry. The security issues of crypto exchanges have once again become a focus, and users' trust in their risk control capabilities is also being tested.

Although Bybit has restored the withdrawal function in a short period of time and successfully stabilized liquidity, whether it can completely rebuild user trust is still the biggest challenge in the future. The company has initiated a series of optimization measures, but the ultimate effectiveness remains to be seen.

From an industry perspective, this incident has also prompted exchanges to re-examine their security strategies, especially in terms of cold wallet and multi-signature management. In the future, the industry may impose stricter regulations on large-scale asset management methods to reduce the risk of similar incidents occurring again.