Bybit’s Market Share Rebounds by 7% After February Hack
An April 9 report released by Block Scholes shows that Bybit’s market share has increased and it has also quickly regained its footing following the recent cyberattack. This was made possible through strategic liquidity tools and a broader market recovery despite the uncertainty caused by the crypto hack that the exchange suffered in February.
Strategies That Accelerated Bybit’s Recovery
The crypto analytics firm’s report revealed that the exchange is experiencing a consistent recovery in trading activity, which has seen its market share rise steadily from 4% to 7%.
Bybit faced a dramatic decline earlier this year with their market share dropping from about 10% in January 2025 to 4% after the February 21 hack. However, this rebound came amidst a broader trend of “macro de-risking” across global markets, which had already started before the hack. The Block Scholes report revealed that Bybit’s rollout of a Retail Price Improvement (RPI) order to provide better liquidity and tighter spreads for retail traders was the cornerstone of its recovery. The order narrowed spreads, boosted liquidity, and allowed retail traders to resume normal Bitcoin and Ethereum trading more quickly. An RPI order is designed to give retail traders the option of better pricing and liquidity offerings by limiting matchings to only retail traders. Despite a temporary dip in spot volume post-hack, the exchange’s ability to stabilize liquidity rapidly enabled it to regain market share faster than competitors.
Decentralization vs. Security: Lessons from Bybit and BadgerDAO
The Bybit hack, the largest crypto theft to date, exposed a major weakness in Web3. Its dependence on Web2 infrastructure for key functions like authentication and storage. This dependency exposes seemingly secure decentralized systems to traditional cybersecurity threats. Despite Web3’s vision of autonomy, many platforms still rely on services like AWS and Google Cloud for key functions, creating single points of failure. In Bybit’s case, attackers breached Safe Wallet’s AWS infrastructure, injecting malicious JavaScript into critical files controlling wallet functions.
This breach represents a recurring problem, as similar patterns have emerged across platforms. The BadgerDAO hack, which similarly exploited Web2 infrastructure, demonstrates how systemic vulnerabilities persist in Web3. Sophisticated attacks targeting Web2 components, such as Cloudflare API keys, prove that as long as Web3 platforms continue relying on centralized systems, they remain exposed to such threats.
Impact of Breaches on Web3 Platforms’ Growth
Bybit’s decision to shut down its NFT and Initial DEX Offering (IDO) services following the devastating security breach further shows the risks associated with crypto’s continued dependence on Web2 infrastructure. The discontinuation, effective April 8, 2025, is seen as part of the platform’s effort to streamline its offerings amid increasing regulatory scrutiny and security concerns. This move also reflects a broader trend of declining market activity in the NFT space, with several platforms, including Kraken and LG Art Lab, shutting down their NFT operations due to decreased trading volumes and financial challenges. Market activity has struggled to come anywhere close to the $3.24 billion peak seen in August 2021.