Share this article
Bybit Closes 'ETH Gap' as Exchange Replenishes $1.4B Hole After Hack
Bybit has returned to a 1:1 backing of client assets days after being hit by the biggest crypto heist ever.
Updated Feb 24, 2025, 3:34 p.m. Published Feb 24, 2025, 5:06 a.m.
What to know:
- Bybit has returned to a 1:1 backing of client assets and has fully closed the “ETH gap” it faced after an unprecedented $1.4 billion hack hit the exchange.
- Address activity suggests more than $400 million were purchased through over-the-counter trading, with another $300 million brought directly from exchanges.
Bybit has returned to a 1:1 backing of client assets and has fully closed the “ether gap” it faced after an unprecedented $1.4 billion hack hit the exchange late Friday.
The exchange has received 446,870 ether , worth $1.23 billion at current prices, through loans, large deposits, and ether purchases in the past two days, on-chain tracking service Lookonchain said in an X post on Monday.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Address activity suggests more than $400 million were purchased through over-the-counter trading, with another $300 million brought directly from exchanges. Nearly $300 million were sought as loans; the rest are from addresses apparently belonging to crypto funds.
Loading...
ETH prices rose upto 4% over the weekend amid the apparent buying activity, but are down 2% in the past 24 hours as sentiment isn’t fully lifted.
Meanwhile, Bybit said late Sunday that all deposit and withdrawal activity had “fully recovered to normal levels — with total deposits “slightly exceeding” withdrawals as on Saturday in a sign of market confidence.
Friday’s attack targeted one of Bybit’s offline “cold” wallets, which are typically considered secure due to their lack of internet connectivity, in a heist that allowed $1.4 billion in ETH to be withdrawn.
Hackers gained control by exploiting a sophisticated method involving a manipulated user interface (UI) and URL. This allowed the attackers to alter the smart contract logic, redirecting the funds to an unidentified address. The stolen assets were then split across multiple wallets and swapped on decentralized exchanges.
Blockchain sleuth ZachXBT linked the hack to North Korea’s Lazarus Group, a state-sponsored hacking collective notorious for crypto thefts. Lazarus was behind several high-profile crypto attacks, including the $600 million Ronin Network hack in 2022, and a $230 million drain on Indian exchange WazirX in 2024.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Farcaster Switches to Wallet-First Strategy to Grow Its Social App
The protocol still consists of casts, follows, reactions, identities and wallets, and third-party clients are free to emphasize whichever components they want.
What to know:
- Farcaster is shifting its focus from social media to its in-app wallet and trading features to drive user engagement.
- Cofounder Dan Romero acknowledged the lack of sustainable growth in their social-first strategy over the past 4.5 years.
- The wallet's trading tools have shown the strongest product-market fit, leading to a strategic pivot towards financial use cases.
Top Stories
