On Friday, cryptocurrency exchange Bybit was allegedly hacked by North Korea’s Lazarus group, which drained nearly $1.4 billion in ether (ETH) from the exchange.

Following the hack, Arthur Hayes, BitMEX co-founder and claiming to be a major ether (ETH) holder, wrote a post on X to Ethereum co-founder Vitalik Buterin on whether he will “advocate to roll back the chain to help @Bybit_Official.” Meanwhile, in an X spaces session, Bybit’s CEO Ben Zhou revealed that his team had also reached out to the Ethereum Foundation to see if it was something the network would consider, noting that such a decision should be based on what the network’s community wants.

Hayes’s post immediately provoked a fierce reaction from the Ethereum community, which was firm in its belief that it wouldn’t happen. Some even questioned whether the BitMEX founder was joking. CoinDesk reached out to Hayes over X to clarify his comments.

Ethereum members, like the core developer teams, are vastly against “rolling back” the network because it would override core elements of decentralization. If Buterin decided on his own that it would happen, then that would be seen as the end of Ethereum’s ethos, which heavily involves various developer teams and other community members when it comes to the health and state of the blockchain.

“Rolling back the chain would give ETH no purpose. What’s the point if you can just change rules,” said user @the_weso in a post on X.

Some outside the Ethereum community pointed to the 2016 DAO hack as an example when $60 million in ETH was stolen. The network went forward with a hard fork, splitting the old network into two, and the new chain continued on as Ethereum.

That hard fork was not a “rollback,” though; it was known as an “irregular state transition.” Ethereum technically can’t “roll back” the network because it relies on an account model, where accounts hold users’ ETH.

At the time of the hack, developers upgraded their nodes to a new client or software. Those who didn’t upgrade their nodes were still on the old chain, which became known as Ethereum Classic.

When the nodes upgraded to the new software, the stolen ETH could move from one Ethereum account address to the next.

“The ‘irregular state change’ that they implemented at the time of the DAO hard fork was this: they airlifted all the ETH in the DAO smart contracts out to a refund contract that would send you 1 ETH for every 100 DAO tokens you sent in,” wrote Laura Shin of Unchained in a post on X.

Read more: Arthur Hayes Floats the Idea of Rolling Back Ethereum Network to Negate $1.4B Bybit Hack, Drawing Community Ire

Major cryptocurrency exchange Bybit has seen total outflows of over $5.5 billion after it suffered a near $1.5 billion hack that saw hackers, believed to be from North Korea’s Lazarus Group, drain its ether cold wallet.

The total assets tracked on wallets associated with the exchange plunged from around $16.9 billion to $11.2 billion at the time of writing, according to data from DeFiLlama. The exchange is now looking to understand exactly what happened.

In an X spaces session, Bybit’s CEO Ben Zhou revealed that shortly after the incident, he called for “all hands on deck” to serve their clients with processing withdrawals and responding to inquiries about what was going on.

During the session, Zhou revealed that the security breach saw the hackers make off with roughly 70% of their clients’ ether, which meant that Bybit needed to quickly secure a loan to be able to process withdrawals. Yet, Zhou found that ether wasn’t the most withdrawn token, with most users instead withdrawing stablecoin from Bybit.

The exchange, Zhou noted, has reserves to cover these withdrawals, but the crisis deepened as, in response to the incident, Safe moved to temporarily shut down its smart wallet functionalities to “ensure absolute confidence in our platform’s security.”

Safe is a decentralized custody protocol providing smart contract wallets for digital asset management. Some exchanges integrated Safe, which allows users to maintain custody of their funds and has multisig functionality to enhance the security of their cold wallets.

While the exchange had reserves to back up users’ withdrawals, $3 billion worth of USDT was in a Safe wallet that had just been shut down as the wallet moved to understand the situation, according to Zhou.

On social media, Safe said that while it had «not found evidence that the official Safe frontend was compromised,» it was temporarily shutting down «certain functionalities» out of caution.

While Zhou and Bybit’s team were figuring out how to securely withdraw their $3 billion, withdrawals were mounting. Within two hours of the security breach, the exchange was facing requests to move over $100,000 off its platform, Zhou revealed.

Responding to the situation, Zhou told his security team to engage Safe to “find a better way to get this money out.” The team ended up developing new software with code “based on Etherscan” to verify the signatures “on a very manual level” to move the stablecoins back to their wallet and cover the withdrawal surge.

The exchange’s team had to remain up all night to be able to fulfill withdrawals, according to Zhou. As the exchange managed to move the $3 billion in stablecoin reserves, it was facing a bank run of “about 50%” of all the funds within the exchange.

Zhou said that since the incident, the exchange has moved a significant amount of funds off of Safe cold wallets and is now determining what system it will use to replace Safe.

Pushing to «Roll Back» Ethereum Was not Off the Table

Since the security breach, Bybit has engaged authorities. During the session, Zhou said that the Singaporean authorities took the issue “very seriously” and that he believes it has already been escalated with Interpol.

Blockchain analysis firms, including Chainalysis, were engaged. Zhou said, “As long as Bybit is there and continues to track [the stolen ether], I hope we can get these funds back.”

Notably, he revealed that pushing to «roll back» the Ethereum blockchain, which was suggested by some industry players on social media, including BitMEX co-founder Arthur Hayes, had been on the table for some time if the community agreed with it.

“I had my team talking to Vitalik and the Ethereum Foundation to see if there’s any recommendations they can offer to help. I do really thank all these guys on Twitter asking if there is a possibility to roll back the chain. I’m not sure what was the response on their side, but anything that would help we would try,” Zhou said.

When asked if «rolling back» the chain is even possible, Zhou responded he doesn’t know. “I’m not sure it’s a one-man decision based on the spirit of blockchain. It should be a work in process to see what the community wants,” he said.

It’s worth noting that a blockchain «rollback» refers to a state change that would allow for the funds to be recovered. While rolling back the Bitcoin blockchain is technically possible, such a state change on Ethereum would be more complex, given its smart contract interactions and state-based architecture.

Nevertheless, any state change would require consensus and likely lead to a contentious hard fork, drawing criticism from the community. This would likely split the Ethereum blockchain into two networks, each with its own supporters.

As for what exactly caused the hack to occur, is still unclear. Per Zhou, Bybit’s laptops have not been compromised. He said the movements of the transaction’s signers have been scrutinized but appear to have been routine.

“We know the cause is definitely around the Safe cold wallet. Whether it’s a problem with our laptops or on Safe’s side, we don’t know.,” Zhou added.

A vast majority of Latin American cryptocurrency users—95%—plan to expand their holdings in 2025, according to a Binance Research survey of more than 10,000 investors in Argentina, Brazil, Colombia, and Mexico.

The findings show that 40.1% of respondents are expecting to buy more crypto within the next three months, 15.3% are looking to do so in the next six months, and 39.7% within 12 months. Only 4.9% have no plans to keep on investing this year.

Latin America led the world in crypto adoption in 2024, growing by 116%, according to research from payments firm Triple-A quoted in the report. The region now has 55 million cryptocurrency users, making up nearly 10% of total cryptocurrency users.

This rapid expansion has been fueled by rising asset prices, regulatory advancements, and new financial products like spot bitcoin exchange-traded funds (ETFs). Brazil has just last week become the first country to approve a spot XRP ETF.

Market performance has also bolstered investor confidence. «Latin America is a rapidly expanding region for the crypto sector, and the results of this research reinforce what we have observed in our operations,” Binance’s regional VP for Latin America, Guilherme Nazar, said.

Binance’s research shows that half of those inquired already use cryptocurrencies for over a year, with most entering the space expecting significant returns and searching for financial freedom.

Portfolio diversification, privacy, and protecting their money were also quoted as motives to invest in the space.
Read more: How a $115M Crypto Fund With Big Ambitions Plans to Invest In Latin America