Bybit’s CEO, Ben Zhou, revealed that 20 per cent of the hacked funds from the crypto exchange have “gone dark,” meaning they were either mixed, laundered, or sent to platforms that obscure transactions. Hackers siphoned $1.4 billion from Bybit last month, making the untraceable funds total approximately $280 million.

However, Bybit was able to freeze only 3 per cent of the stolen funds, while the remaining 77 per cent remain traceable.

Tracking Thousands of Wallets

Hackers, allegedly linked to North Korea’s Lazarus Group, breached Bybit's security and stole approximately 500,000 Ether (ETH). According to Zhou, 83 per cent of the stolen Ether—valued at about $1 billion—has been converted into Bitcoin, with 6,954 wallets now holding an average of 1.71 BTC each.

“This and the coming week are critical for fund freezing as the funds will start to clear at exchanges, over-the-counter, and peer-to-peer,” Zhou wrote.

Bringing in Bounty Hunters

He further revealed that “11 parties helped [Bybit] to freeze” some of the stolen funds. Bybit also paid more than $2.1 million in USDT to bounty hunters who assisted in the recovery effort. The exchange launched a bounty program worth $140 million to gather leads on the cyberattack.

The attack on Bybit was the largest in terms of monetary value. Hackers gained unauthorised access to the Safe (Wallet) infrastructure, allowing them to drain significant funds from Bybit’s control. Safe is a decentralised custody protocol that provides smart contract wallets for managing digital assets. Some exchanges have integrated Safe, enabling users to retain control of their funds while using multi-signature functionality to enhance the security of their cold wallets.

Despite the scale of the attack, Bybit remained transparent about its crisis response. Although the exchange saw a surge in withdrawal requests following the breach, it secured a substantial amount of Ether from various platforms to cover the shortfall created by the attackers.

Source: Finance Magnates