Background: On February 21, 2025, Bybit suffered a multi-signature attack executed by Lazarus Group, a hacker organization funded by North Korea, resulting in the theft of over 150 million USD worth of Ethereum. This incident triggered a large number of withdrawal requests from users, and market activity temporarily declined.

Key Events: According to a report by Kaiko, Bybit's Bitcoin liquidity recovered to pre-attack levels within one month after the hacker attack. The 1% market depth of Bitcoin fully recovered, with market depth rebounding from a low of 0.1% to 8%. Moreover, Bybit's market depth outperformed competitors such as HTX, Bithumb, and MEXC, all of which experienced double-digit percentage declines in liquidity during March.

Impact and Significance: Bybit's Retail Price Improvement (RPI) orders helped stabilize price volatility and provided tighter bid-ask spreads, facilitating liquidity recovery. Although macroeconomic factors caused a slower recovery in altcoin market depth, the top 30 altcoins' market depth also recovered to over 80% of pre-hack levels. Overall, despite experiencing a major security incident and pressures from global trade policy changes, Bybit demonstrated strong market resilience.

Bitcoin liquidity on Bybit climbed back to heights seen in February before hackers stole $1.5 billion worth of ETH from the platform in a multi-sig heist, Kaiko noted in a Wednesday report.Bybit was the target of a sophisticated attack orchestrated by bad actors believed to be the Lazarus Group, a notorious North Korean-funded criminal organization. The exploiters tricked Bybit’s cold wallet signers into authorizing a malicious transaction and stole over 400,000 ETH on February 21, 2025. Bybit CEO Ben Zhou said the platform experienced over 350,000 withdrawal requests after the hack as users pulled assets and normal market activity decreased.The event mounted further pressure on Bybit and crypto venues at large, following U.S. tariff plans teased in January that later sparked a global trade war. Yet, Bybit’s BTC liquidity has since reclaimed its pre-hack level a month later.“Despite challenging market conditions for Bitcoin following a dramatic shift in U.S. trade policy, bitcoin’s 1% market depth on Bybit fully recovered just 30 days after the hack,” Kaiko researchers wrote.Market depth refers to a platform’s ability to handle large buy or sell orders without massive price fluctuations. A deeper or larger market depth means the exchange’s order book can absorb more activity.Retail Price Improvement (RPI) orders launched on Feb. 20 contributed to this liquidity comeback, according to Kaiko. Institutional market makers place RPIs to stabilize price volatility and provide tighter spreads for retail traders.According to Kaiko, Bybit’s bitcoin market depth showed a broad recovery to 8% from a low of 0.1%. The exchange also fared better than its rivals after the historic hack and tariff-driven uncertainty. Liquidity dropped double-digit percentages across competitors like HTX, Bithumn, and MEXC in March. Meanwhile, Bybit recorded a 30% rebound in market depth, per Kaiko.Altcoin market depth on the exchange also saw an uptrend in March, though at a slower rate compared to bitcoin. Kaiko attributed the lag to a general altcoin decline from the risk-off market sentiment fueled by macroeconomic concerns.“Nevertheless, market depth for the top 30 altcoins by market cap has recovered to over 80% of pre-hack levels, with improvements seen broadly on the order book, similar to Bitcoin,” Kaiko analysts stated.The Block reached out to Bybit for comment on the matter.

Kaiko Report: Bybit Bitcoin Liquidity Recovers to Pre-Hack Levels