Bybit, a cryptocurrency exchange, has successfully restored its Ethereum holdings after a major security breach that led to a $1.5 billion loss in liquid-staked Ether and MegaETH. Bybit’s CEO, Ben Zhou, announced the recovery and promised a soon-to-be-released audited proof-of-reserves report to assure users that their assets are fully backed. The recovery involved obtaining about 446,870 ETH through loans, large investor deposits, over-the-counter transactions, and exchanges. Notable contributions included significant ETH inflows from anonymous institutional entities, Bitget, MEXC, Mirana Ventures, and Fenbushi Capital. After stabilizing its operations, Bybit is also focused on tracking and recovering the stolen funds, which have been linked to a targeted phishing attack by the North Korean Lazarus Group. The upcoming audit aims to provide transparency and restore user confidence.

• Bybit Fully Restores Ethereum Holdings
  The cryptocurrency exchange Bybit has successfully restored its Ethereum holdings after suffering a $1.5 billion loss due to a major security breach. The CEO, Ben Zhou, assured users that an audited proof-of-reserves report will soon be released to confirm that client assets are backed on a 1:1 basis. Bybit managed to replenish approximately 446,870 ETH through a combination of loans, large investor deposits, and direct purchases.
• Diverse Funding Sources Replenish Bybit’s Reserves
  Bybit recouped its reserves from various sources, with the largest influx of Ethereum derived from an over-the-counter transaction amounting to 157,660 ETH. Additional funds were sourced from centralized and decentralized exchanges, unidentified institutions, and crypto exchange Bitget among others. Smaller contributions also came from various investors and organizations, ensuring Bybit’s stabilization and operational continuity.
• Focus on Recovery and Security Enhancements
  In response to the hack, Bybit has focused on restoring liquidity while committing to recovering stolen funds allegedly linked to the North Korean Lazarus Group. The breach occurred during a routine transfer involving Bybit’s Ethereum multisignature cold wallet, exploiting a phishing vulnerability. Bybit’s forthcoming audit is anticipated to enhance transparency and reassure its user base regarding security and asset management practices.