Source: Cointelegraph Original: "{title}"

After the $1.4 billion breach that occurred in February, Bybit's market share has returned to pre-hack levels as the cryptocurrency exchange implemented stricter security measures and improved liquidity options for retail traders.

On February 21, the cryptocurrency industry experienced the largest hack in history, during which Bybit lost over $1.4 billion in liquid staked Ethereum (stETH), Mantle Staked ETH (mETH), and other digital assets.

Despite the scale of the breach, Bybit has steadily regained market share, according to a report from cryptocurrency analytics firm Block Scholes on April 9.

"Since the initial decline, Bybit has steadily regained market share as trading volume has rebounded while working to restore market sentiment," the report noted.

Block Scholes stated that Bybit's market share rose from a low of 4% after the hack to about 7%, reflecting strong and stable recovery in spot market activity and trading volume.

Bybit's spot trading volume market share among the top 20 centralized exchanges. Source: Block Scholes

The hack occurred amid a "broader macro de-risking trend" that had already begun before the incident, indicating that the initial decline in Bybit's trading volume was not solely due to the breach.

According to a Cointelegraph report on March 4, the Bybit hacker took 10 days to launder all the stolen Bybit funds through the decentralized cross-chain protocol THORChain.

Source: Ben Zhou

Despite the hacker's efforts, blockchain analysis experts were still able to trace 89% of the stolen $1.4 billion.

Blockchain security firms, including Arkham Intelligence, have identified North Korea's Lazarus Group as a possible culprit behind the Bybit breach, as the attackers have been exchanging these funds to make them untraceable.

According to a report from blockchain analysis firm Chainalysis, illegal activities associated with North Korean cyber attackers decreased after July 1, 2024, despite a surge in attacks earlier that year.

Eric Jardine, head of cybercrime research at Chainalysis, stated that the slowdown in North Korean cryptocurrency hacking attacks has raised significant alarm.

North Korean hacking activity before and after July 1, 2024. Source: Chainalysis

Jardine told Cointelegraph on the Chainreaction program on March 26 that the slowdown in North Korea "began around the time of the summit between Russia and North Korea, which led to North Korea reallocating resources, including sending military personnel to the Ukraine conflict," adding:

"Therefore, we speculate in our report that there may be other unseen factors in North Korea's resource reallocation, and then in early February, the Bybit hack occurred."

https://t.co/jOlqMt4Hag

— Cointelegraph (@Cointelegraph) March 26, 2025

Analysts say that the Bybit attack demonstrates that even centralized exchanges with robust security measures remain vulnerable to sophisticated cyber attacks.

According to Meir Dolev, co-founder and CTO of Cyvers, this attack bears similarities to the $230 million WazirX hack and the $58 million Radiant Capital hack.

Related: Hackers hide cryptocurrency address swapping malware in Microsoft Office plugin packages.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。