Bybit launches $140M bounty after breach of $1.4B Ethereum reserves
Ben Zhou, the CEO of Bybit confirmed that it had restored Ethereum reserves (ETH) following the recent security breach involving $1.4 billion.
Zhou announced in a February 24th post on X that Bybit is soon to release an updated Proof-of-Reserves Report demonstrating that the company now holds client assets 1:1.
He said:
“Bybit has already fully closed the ETH gap, new audited POR report will be published very soon to show that Bybit is again Back to 100% 1:1 on client assets through merkle tree.”
Zhou’s statement confirmed a report from blockchain analytics firm Lookonchain. The firm claimed that Bybit replenished reserves via over-the-counter purchases, whale deposits and loans from major cryptocurrency platforms including Binance Bitget HTX.
Lookonchain reported that the embattled Exchange purchased 157.660 ETH valued at approximately $437.8 Million from investment firms like FalconX and Wintermute through OTC transactions.
Also, it purchased another $304,000,000 in ETH through centralized and decentralized trading platforms.
Fund Recovery Efforts
While the exchange might have closed its platform’s ETH gap, it has stepped up its recovery efforts by initiating a 10% bounty program and freezing some stolen funds.
The crypto trading platform launched on February 22 a bounty program to encourage ethical hackers and cybersecurity specialists to help in the recovery process.
The exchange has offered a reward that could reach up to $140,000,000 if the entire amount is recovered.
Zhou was quoted as saying:
“Bybit launched a bounty program on February 22, encouraging ethical hackers and cybersecurity experts to assist in the recovery process. The exchange has pledged a reward of up to 10% of the recovered funds, potentially offering as much as $140 million if the full amount is reclaimed.”
Bybit also works with other crypto platforms to recover and freeze stolen assets.
Since its launch, the exchange has successfully frozen around $43 Million through partnerships such as Tether ThorChain Bitget ChangeNow Fixed Float Avalanche Circle CoinEx.
Bybit added
“Through swift action and effective coordination, the mETH Protocol team successfully recovered 15,000 cmETH tokens worth approximately $43 million”
Laundering Techniques
The attackers, however, have already started laundering the funds stolen despite all of these efforts.
Elliptic, an Elliptic-owned blockchain forensics firm, has noted that laundering techniques closely resemble those of the Lazarus Group. This notorious cybercriminal organisation is known for its use of similar methods.
The firm claims that the hackers converted the stolen tokens immediately into ETH via decentralized exchanges to avoid asset freezing. This helped to bypass any restrictions that token issuers may have imposed on certain tokens.
In two hours after the attack, money was spread over 50 wallets containing each about 10,000 ETH. The wallets are being systematically emptied and at least 10% have already been moved.
Elliptic stated that the attackers are also converting ETH in Bitcoin through various trading services.
Tornado Cash is a mixer that attackers may use to hide their activities if they continue with past patterns of laundering. However, the sheer amount of stolen assets can complicate this process.
Meanwhile, on-chain investigator ZachXBT also discovered that the attackers attempted to launder funds using memecoins on Solana’s Pump.Fun platform.
The blockchain detective noted that one exploited wallet transferred 60 SOL from an address to create QinShihuang token, which had a trading volume of over $26 Million.
The Solana Foundation & Pump.Fun responded to the attack by removing and blocking the token. This prevented the attackers attempting to cash out. Bybit praised the quick action and highlighted the importance of community driven security measures in cryptocurrency.
