Bybit Can’t Trace $280M in Stolen ETH Anymore, but Can It Track 6,954 BTC Wallets?
Bybit’s CEO, Ben Zhou, revealed that 20 per cent of the hacked funds from the crypto exchange have “gone dark,” meaning they were either mixed, laundered, or sent to platforms that obscure transactions. Hackers siphoned $1.4 billion from Bybit last month, making the untraceable funds total approximately $280 million.However, Bybit was able to freeze only 3 per cent of the stolen funds, while the remaining 77 per cent remain traceable.3.4.25 Executive Summary on Hacked Funds: Total hacked funds of USD 1.4bn around 500k ETH, 77% are still traceable, 20% has gone dark, 3% have been frozen. Breakdown: - 83% (417,348 ETH, ~$1B) have been converted into BTC with 6,954 wallets (Average 1.71 btc each) . This and…— Ben Zhou (@benbybit) March 4, 2025Tracking Thousands of WalletsHackers, allegedly linked to North Korea’s Lazarus Group, breached Bybit's security and stole approximately 500,000 Ether (ETH). According to Zhou, 83 per cent of the stolen Ether—valued at about $1 billion—has been converted into Bitcoin, with 6,954 wallets now holding an average of 1.71 BTC each.“This and the coming week are critical for fund freezing as the funds will start to clear at exchanges, over-the-counter, and peer-to-peer,” Zhou wrote.Bringing in Bounty HuntersHe further revealed that “11 parties helped [Bybit] to freeze” some of the stolen funds. Bybit also paid more than $2.1 million in USDT to bounty hunters who assisted in the recovery effort. The exchange launched a bounty program worth $140 million to gather leads on the cyberattack.The attack on Bybit was the largest in terms of monetary value. Hackers gained unauthorised access to the Safe (Wallet) infrastructure, allowing them to drain significant funds from Bybit’s control. Safe is a decentralised custody protocol that provides smart contract wallets for managing digital assets. Some exchanges have integrated Safe, enabling users to retain control of their funds while using multi-signature functionality to enhance the security of their cold wallets.Despite the scale of the attack, Bybit remained transparent about its crisis response. Although the exchange saw a surge in withdrawal requests following the breach, it secured a substantial amount of Ether from various platforms to cover the shortfall created by the attackers. This article was written by Arnab Shome at www.financemagnates.com.
FieNews 
Bybit’s CEO, Ben Zhou, revealed that 20 per cent of the hacked funds from the crypto exchange have “gone dark,” meaning they were either mixed, laundered, or sent to platforms that obscure transactions. Hackers siphoned $1.4 billion from Bybit last month, making the untraceable funds total approximately $280 million.
However, Bybit was able to freeze only 3 per cent of the stolen funds, while the remaining 77 per cent remain traceable.
3.4.25 Executive Summary on Hacked Funds: Total hacked funds of USD 1.4bn around 500k ETH, 77% are still traceable, 20% has gone dark, 3% have been frozen. Breakdown: - 83% (417,348 ETH, ~$1B) have been converted into BTC with 6,954 wallets (Average 1.71 btc each) . This and…— Ben Zhou (@benbybit) March 4, 2025
Tracking Thousands of Wallets
Hackers, allegedly linked to North Korea’s Lazarus Group, breached Bybit's security and stole approximately 500,000 Ether (ETH). According to Zhou, 83 per cent of the stolen Ether—valued at about $1 billion—has been converted into Bitcoin, with 6,954 wallets now holding an average of 1.71 BTC each.
“This and the coming week are critical for fund freezing as the funds will start to clear at exchanges, over-the-counter, and peer-to-peer,” Zhou wrote.
Bringing in Bounty Hunters
He further revealed that “11 parties helped [Bybit] to freeze” some of the stolen funds. Bybit also paid more than $2.1 million in USDT to bounty hunters who assisted in the recovery effort. The exchange launched a bounty program worth $140 million to gather leads on the cyberattack.
The attack on Bybit was the largest in terms of monetary value. Hackers gained unauthorised access to the Safe (Wallet) infrastructure, allowing them to drain significant funds from Bybit’s control. Safe is a decentralised custody protocol that provides smart contract wallets for managing digital assets. Some exchanges have integrated Safe, enabling users to retain control of their funds while using multi-signature functionality to enhance the security of their cold wallets.
Despite the scale of the attack, Bybit remained transparent about its crisis response. Although the exchange saw a surge in withdrawal requests following the breach, it secured a substantial amount of Ether from various platforms to cover the shortfall created by the attackers. This article was written by Arnab Shome at www.financemagnates.com.
