Bybit has significantly reduced its ETH shortfall and is preparing a new Proof of Reserves report using Merkle tree verification.
Deposits and withdrawals on the exchange have returned to normal, with reserves nearing full replenishment.
On-chain data shows Bybit acquired ETH through multiple sources, including OTC trades, direct market purchases, and loans.
Bybit co-founder and CEO Ben Zhou has announced that the exchange is once again fully backing client assets on a 1:1 basis. He also revealed that Bybit has completely closed the ETH gap it experienced following the $1.4 billion hack that hit the exchange last Friday. The CEO added that a new audited Proof of Reserves (PoR) report will soon be released, using a Merkle tree verification method to confirm that all customer funds are properly accounted for.
The exchange stated on its X page that ETH reserves are nearly fully restored, with deposits and withdrawals returning to normal. The company wrote:
“We’re close to 100% on our ETH reserves, and deposits & withdrawals are back to normal. Through it all, the crypto community, our partners, and our users have shown unwavering support — thank you. We know where our funds have gone, and we’re committed to turning this experience into an opportunity to strengthen the ecosystem. Initiatives are coming to help the crypto space grow stronger.”
On-Chain Data Reveals Fund Recovery Sources
On-chain analytics firm Lookonchain revealed that Bybit has acquired approximately 446,870 ETH ETH$1 81524h volatility:3.3%Market cap:$218.98 BVol. 24h:$11.79 B
(worth $1.23 billion) through loans, large deposits, and direct purchases. As a result, the exchange has almost fully restored its ether holdings.
Since being hacked, #Bybit has received ~446,870 $ETH($1.23B) through loans, whale deposits, and ETH purchases.#Bybit has nearly closed the gap. pic.twitter.com/0oz3ytLi4X
According to Lookonchain’s report, entities that transferred ETH to Bybit after the hack include those involved in over-the-counter (OTC) trading, with more than $430 million transferred via this method. Another $300 million came from direct exchange purchases, while nearly $300 million was secured through loans. The remaining funds came from addresses linked to crypto investment firms.
Lazarus Group Linked to Hack as Skepticism Emerges
Bybit became the latest major crypto exchange targeted by hackers last Friday when its offline cold wallets were attacked. The breach led to the unauthorized withdrawal of $1.4 billion in ETH, raising concerns about the security of the exchange’s asset storage.
The attackers used a trick involving a fake user interface and URL to gain control of Bybit’s system. They manipulated the smart contract rules to send funds to an unknown address, then split the stolen assets across multiple wallets and traded them on decentralized exchanges.
ZachXBT, a blockchain investigator, has linked the hack to North Korea’s Lazarus Group. It further revealed on February 22 that the group connected the Bybit hack to the Phemex hack by mixing stolen funds from both incidents on-chain, demonstrating a direct link between the two attacks. Lazarus has been responsible for major breaches, including the $600 million Ronin Network hack in 2022 and the $230 million theft from WazirX in 2024.
However, amid the controversy, crypto commentator MartyParty claimed there was no hack. Instead, he suggested it was a cover-up for widespread corruption among major centralized exchanges tied to their leveraged ETH positions.
“There was no hack. Its all narritive to hide the biggest corruption in CEX history involving all major exchanges and their leverage positions on $ETH,” he stated.
Disclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to deliver accurate and timely information but should not be taken as financial or investment advice. Since market conditions can change rapidly, we encourage you to verify information on your own and consult with a professional before making any decisions based on this content.
Temitope is a writer with more than four years of experience writing across various niches. He has a special interest in the fintech and blockchain spaces and enjoy writing articles in those areas. He holds bachelor's and master's degrees in linguistics. When not writing, he trades forex and plays video games.