Bybit Introduces $140 Million Bounty for Recovery Efforts After Major Hack
Dubai, Sunday, 23 February 2025.
Bybit launches a new program, offering 10% rewards on recovered cryptocurrency following a $1.4 billion hack attributed to the Lazarus Group, aiming to enhance security within the crypto industry.
The Incident and Immediate Response
On February 21, 2025, Bybit, the world’s second-largest cryptocurrency exchange by trading volume [1], suffered a devastating security breach resulting in the theft of $1.4 billion in cryptocurrencies [2]. The attack, attributed to the North Korean state-sponsored Lazarus Group [2], primarily targeted staked Ether (ETH) and ERC-20 tokens stored in an Ethereum cold wallet [7]. In response, Bybit processed 350,000 withdrawal requests [7] and quickly mobilized resources to address the crisis, including acquiring 36,893 ETH at $2,711 per ETH through trades with Galaxy Digital and FalconX to strengthen liquidity [7].
Recovery Program Details
The Recovery Bounty Program, launched on February 23, 2025, offers a substantial 10% reward of any recovered funds, potentially amounting to $140 million - the largest bounty ever offered in crypto history [2]. Early success has already been demonstrated, with mETH Protocol recovering 15,000 cmETH tokens valued at $43.5 million, and Tether freezing $181,000 USDT linked to the hack [2][7]. Ben Zhou, Bybit’s co-founder and CEO, emphasized the overwhelming support received from the industry, stating, ‘Within 24 hours of the event, we were overwhelmed with support from some of the best people and organizations in the industry’ [1].
Industry Response and Ongoing Efforts
The crypto community has rallied behind Bybit’s recovery efforts, with notable support from industry leaders. Bitget transferred 40,000 ETH (worth $105 million) to assist Bybit’s cash flow operations [7], while former Binance CEO Changpeng Zhao publicly praised Bybit’s transparent communication approach during the crisis [7]. The situation remains dynamic, as blockchain monitoring reveals that the Lazarus Group has begun laundering approximately 5,000 ETH ($13.7 million) as of February 22, 2025 [2].
Security Implications and Future Outlook
This initiative represents a significant shift in addressing cryptocurrency security breaches. Auditor Hacken has confirmed that Bybit maintains bridge loans covering losses and holds reserves exceeding liabilities [7]. The exchange is actively investigating the breach, particularly focusing on weaknesses in its Safe Cold Wallet system [7]. Interested parties can participate in the Recovery Bounty Program by contacting Bybit at bounty_program@bybit.com [1]. The program not only aims to recover stolen funds but also serves to deter future cyber attacks and strengthen the overall security infrastructure of the cryptocurrency ecosystem [8].