Bybit CEO Ben Zhou has announced that the exchange has successfully filled the gap in its Ethereum (ETH) reservesfollowing a $1.4 billion exploit. To reinforce transparency and trust, Bybit plans to release an audited proof of reserves (PoR) report, ensuring that client assets are backed on a 1:1 basis.
Zhou stated that Bybit has already fully closed the ETH gap, with an upcoming PoR report utilizing a Merkle tree structure to verify that reserves match user deposits. On-chain data from Lookonchain suggests that Bybit secured the missing ETH through a combination of loans, whale deposits, and OTC purchases.
Understanding the Bybit Hack: A $1.4 Billion Heist
On February 21, Bybit suffered a massive exploit where attackers stole over 400,000 ETH, making it the largest crypto exchange hack in history. The attack exploited a multi-signature (multisig) cold wallet approval process, tricking the system into executing a fraudulent transfer.
Hackers reportedly used a fake user interface (UI) to mislead wallet signers, masking the actual destination of the funds. This deception allowed them to gain control over Bybit’s cold wallet assets, including 401,347 ETH, liquid-staked ETH (stETH), and Mantle Staked ETH (mETH).
How Bybit Recovered From The Crisis
To prevent a liquidity crisis and mass withdrawals, Bybit acted swiftly to replenish its reserves. The exchange secured emergency liquidity through a “bridge loan” from industry partners, allowing them to cover stolen assets while maintaining normal withdrawal operations.In addition to these loans, Bybit also purchased significant amounts of ETH via OTC transactions and received whale deposits to restore reserves. Zhou reassured users that even if the stolen funds were not recovered, Bybit’s treasury and retained earnings were sufficient to cover the losses.
With reserves back to full strength, withdrawals are now expected to proceed as usual without disruption.
The LAZARUS GROUP CONNECTION, NORTH KOREAN HACKERS BEHIND THE ATTACK?
According to blockchain analysts, the attack may have been executed by the Lazarus Group, a notorious North Korean cybercriminal organization responsible for multiple high-profile crypto heists.The broader memecoin sector has struggled in 2025, following a massive bull run last year. The GMCI Meme Index, which tracks top memecoins, is down over 40% year-to-date. Solana-based memecoins have performed even worse, with the GMCI Solana Memes Index falling over 61% YTD. Trader sentiment is shifting, and memecoins are finding it harder to sustain momentum.
The LIBRA scandal has been a wake-up call, but it doesn’t mean the end for memecoins. If new launch models emerge that prioritize fairness and transparency, memecoins could adapt and thrive. Sokolin believes the industry needs to become more thoughtful about financial products and move away from casino-style speculation. For now, as long as traders are chasing exponential gains, memecoins will always find a way to existbut the rules of the game may be changing.
What’s Next For Bybit?
With ETH reserves restored, Bybit is now focused on rebuilding user trust. The upcoming audited proof of reserves report will be a crucial step in proving its solvency and reinforcing transparency.
While Bybit has managed to recover quickly, this event serves as a stark reminder of the vulnerabilities in centralized exchanges. Enhanced security measures and real-time monitoring will be essential moving forward to prevent similar incidents in the future.
As the crypto community awaits the full PoR audit, questions remain about whether the exchange will pursue legal action against the hackers and how the broader industry will respond to evolving security threats in the wake of this record-breaking exploit.
