The recent Bybit attack, which resulted in the theft of $1.4 billion, exposed a massive network of over 11,000 cryptocurrency wallets used to launder the stolen assets. Investigators have tracked these wallets back to hackers suspected of carrying out the attack, as efforts to retrieve the missing assets accelerate.
Following the February 25 breach, Bybit’s co-founder and CEO declared an aggressive response against the perpetrators. To encourage the recovery of the stolen funds, the exchange has implemented a blacklist wallet tracking system and a bounty program.
Blockchain analytics firms have stepped in to assist the probe. One such company has published a real-time data feed of the detected wallet addresses to prevent further laundering of the stolen funds. These wallets were detected within 30 minutes of the incident being discovered, allowing users and exchanges to avoid transactions with compromised addresses.
Bybit has also teamed up with Web3 security experts to conduct blockchain forensic investigations. Their primary goal is to locate and freeze the stolen funds while maximizing recovery efforts.
Further investigation of the incident reveals that it began with a phishing scheme aimed at the individuals in charge of securing Bybit’s cold wallets. The hackers used a normal transfer process to divert massive amounts of money. According to reports, the stolen Ethereum was converted into Bitcoin, Dai, and other digital assets before being distributed across different networks.
Despite the severity of the incident, Bybit has informed users that withdrawals are still available. To ensure platform stability, the company obtained external funding through loans and has begun to repay these debts. The initial repayment entailed transferring 40,000 ETH to a financial partner.
Bybit remains committed to detecting and fighting illicit activities in the bitcoin market. With continuous collaboration among blockchain professionals, security firms, and the larger crypto community, the exchange hopes to hold those responsible accountable while strengthening its security procedures to prevent future incidents.