Bybit recovers market share to 7% after $1.4B hack
Bybit’s market share has rebounded to pre-hack levels following a $1.4 billion exploit in February, as the crypto exchange implements tighter security and improves liquidity options for retail traders.The crypto industry...
Archive context
Older archive item. Useful for background and entity history, but not a fresh market-moving signal.
Bybit’s market share has rebounded to pre-hack levels following a $1.4 billion exploit in February, as the crypto exchange implements tighter security and improves liquidity options for retail traders.
The crypto industry was rocked by its largest hack in history on Feb. 21 when Bybit lost over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH) and other digital assets.
Despite the scale of the exploit, Bybit has steadily regained market share, according to an April 9 report by crypto analytics firm Block Scholes.
“Since this initial decline, Bybit has steadily regained market share as it works to repair sentiment and as volumes return to the exchange,” the report stated.
Block Scholes said Bybit’s proportional share rose from a post-hack low of 4% to about 7%, reflecting a strong and stable recovery in spot market activity and trading volumes.
Bybit’s spot volume market share as a proportion of the market share of the top 20 CEXs. Source: Block Scholes
The hack occurred amid a “broader trend of macro de-risking that began prior to the event,” which signals that Bybit’s initial decline in trading volume was not solely due to the exploit.
Related: Can Ether recover above $3K after Bybit’s massive $1.4B hack?
It took the Bybit hackers 10 days to launder all the stolen Bybit funds through the decentralized crosschain protocol THORChain, Cointelegraph reported on March 4.
Source: Ben Zhou
Despite efforts, 89% of the stolen $1.4 billion was traceable by blockchain analytics experts.
Related: THORChain generates $5M in fees, $5.4B in volume since Bybit hack
Lazarus Group’s 2024 pause was repositioning for Bybit hackBlockchain security firms, including Arkham Intelligence, have identified North Korea’s Lazarus Group as the likely culprit behind the Bybit exploit, as the attackers have continued swapping the funds in an effort to render them untraceable.
Illicit activity tied to North Korean cyber actors declined after July 1, 2024, despite a surge in attacks earlier that year, according to blockchain analytics firm Chainalysis.
The slowdown in crypto hacks by North Korean agents had raised significant red flags, according to Eric Jardine, Chainalysis cybercrimes research Lead.
North Korean hacking activity before and after July 1. Source: Chainalysis
North Korea’s slowdown “started when Russia and DPRK [North Korea] met for their summit that led to a reallocation of North Korean resources, including military personnel to the war in Ukraine,” Jardine told Cointelegraph during the Chainreaction show on March 26, adding:
“So, we speculated in the report that there might have been additional things unseen in terms of resources reallocation from the DPRK, and then you roll forward into early February, and you have the Bybit hack.”— Cointelegraph (@Cointelegraph) March 26, 2025The Bybit attack highlights that even centralized exchanges with strong security measures remain vulnerable to sophisticated cyberattacks, analysts said.
The attack shares similarities with the $230 million WazirX hack and the $58 million Radiant Capital hack, according to Meir Dolev, co-founder and chief technical officer at Cyvers.
Magazine: Trump’s crypto ventures raise conflict of interest, insider trading questions
Why this matters
This security story adds another data point to the current market tape and is useful when read alongside nearby source coverage.
Original source
Read on CointelegraphRelated market context
CoinShares reports end of record $8B outflow streak as Bitcoin funds see inflows
CoinShares reports $287 million in Bitcoin fund inflows, ending a record eight-week, $8 billion outflow streak. Ethereum products...
Trusted Volumes Hacker Returns 1,122 ETH, Keeps $2M Bounty
A hacker tied to the Trusted Volumes exploit has returned 1,122 ETH to the protocol, closing part of a security incident that bega...
ConsenSys inadvertently hired North Korean operative who accessed MetaMask’s core code
ConsenSys inadvertently hired a North Korean operative as a developer consultant who accessed MetaMask's core code before being de...
Bitcoin Sentiment Is Turning Bullish — But It’s Too Early to Celebrate: Report
Bitcoin Magazine Bitcoin Sentiment Is Turning Bullish — But It’s Too Early to Celebrate: Report The Bitcoin bottom may be in — but...
Bitcoin treasury company offers 10% income and still can’t sell nearly half its shares
Swedish Bitcoin treasury firm B Treasury Capital AB expects its new BTC PREF preference share to start trading on the Spotlight St...
Bitcoin must defend $62,500 as altcoins lose $8.8 billion in a week
Bitcoin enters the weekend trading near $62,500 to $64,300, keeping the intraday low as the market's clearest immediate threshold....