Bybit CEO Confirms 27.6% of Hacked Funds Still Untraceable Despite Recovery Efforts
Key Takeaways:
- Bybit CEO Ben Zhou confirmed that 72.4% of the funds stolen during a recent hack have been recovered or frozen.
- 27.6% of the hacked funds remain untraceable and remain in the hands of the attacker.
- The breach was a result of a private key compromise on a third-party vendor wallet.
- Bybit assured customers that no customer funds were affected and all business has resumed as normal.
Security Breach Hits Third-Party Wallet Vendor
Bybit, one of the top global crypto exchanges, recently experienced a high-profile security breach on a wallet used by one of its third-party vendors. The hacker exploited a stolen private key that allowed access by an unauthorized party to assets not directly held by Bybit but still associated with its infrastructure.
The attack brought out widespread concern across the crypto industry, given the growing reliance on third-party wallet management tools for both exchange trades and provision of liquidity.
Recovery Status: All or Most Funds Restored or Seized
In a formal release, Bybit CEO Ben Zhou gave an update on the investigation and recovery process. To date, 72.4% of the stolen funds have been recovered or successfully frozen through coordinated efforts with partner exchanges, law enforcement agencies, and on-chain tracking teams.
4.21.25 Executive Summary on Hacked Funds:
Total hacked funds of USD 1.4bn around 500k ETH. 68.57% remain traceable, 27.59% have gone dark, 3.84% have been frozen. The untraceable funds primarily flowed into mixers then through bridges to P2P and OTC platforms.
Recently, we have…— Ben Zhou (@benbybit) April 21, 2025
Recovery Breakdown:
- Assets recovered: Part of the money was rapidly traced and reversed with the help of blockchain monitoring tools.
- Frozen funds: Funds that found their way into wallets on collaborating exchanges were frozen instantly, so they were unable to proceed further.
- Still untraceable: The remaining 27.6% of stolen money are still unaccounted for.
Even while the majority of the money is safe, the fact that more than a quarter are unavailable is a huge concern regarding asset protection and cross-platform cooperation in crypto incident response.
Bybit Co-Founder Ben Zhou on Stage at Crypto Event
Source of the Breach: Vendor Private Key Compromise
According to Bybit’s internal forensic analysis and independent auditors, the root of the breach was a third-party wallet service provider private key compromise. This suggests that the breach was not a direct breach of Bybit’s systems but rather a vulnerability in its vendor’s security processes.
Assurance to Users: No Customer Funds Affected
Ben Zhou assured the community that there was no customer funds implicated in this incident. The compromised wallet never held user assets or operated in Bybit’s hot or cold wallet infrastructure. As a result, all Bybit user balances are intact and secure.
In addition, Bybit is still functioning normally with full trading, deposit, and withdrawal services. The exchange has vowed to fortify its due diligence process for suppliers and improve its real-time alarm systems to prevent such incidents in the future.
Community Response and Deeper Insights
The attack has put third-party risks in the crypto ecosystem back in the spotlight. While exchanges like Bybit normally apply strict internal controls, the over-reliance on external collaborators can expose platforms to unexpected vectors of attacks.
Takeaways stressed by the community:
- Private key management must be decentralized or multi-signature.
- Third-party wallet providers must be subjected to periodic audit and stress tests.
- Exchanges need to be more open about the infrastructure and providers on which they rely behind the scenes.
A number of users also mentioned increasing occurrences of wallet attacks and suggested standards across the industry for wallet integrations, specifically those relating to exchange infrastructure.
Next Steps: Investigation Ongoing
Bybit has vowed to continue tracking the remaining stolen funds, working closely with blockchain analytics groups, law enforcement, and other exchanges that have had interactions with the attacker’s wallet addresses.
The company has also stated that any subsequent updates, including additional recoveries or arrests, will be made publicly available to the public.
As the events keep piling up, the incident reminds us of the complex security landscape in crypto—and the need to be on one’s guard at every point in the custody chain.
More News: Bybit and Zodia Custody Partner to Enhance Institutional Asset Security
The post Bybit CEO Confirms 27.6% of Hacked Funds Still Untraceable Despite Recovery Efforts appeared first on CryptoNinjas.
CryptoNinjas
