Lazarus Group Behind $1.4B Bybit Hack: 11,000 Wallets Used to Launder Stolen Funds
The $1.4 billion hack of Bybit, one of the largest cryptocurrency exchanges, is believed to be the work of the Lazarus Group, a North Korean hacking collective with a history of large-scale cyberattacks. The hackers were responsible for the $1.4 billion hack of Bybit, who targeted Bybit’s cold wallet signers and intercepted transfers, gaining access to massive amounts of funds. They have since used over 11,000 cryptocurrency wallets to move and launder the stolen assets, complicating tracking efforts
In response, Bybit’s CEO, Ben Zhou, took action by declaring a “war” on the hackers and launching an initiative to recover the stolen funds. This included introducing a new tool to blacklist suspicious wallets and offering rewards for tracking the stolen money.
Blockchain analytics firm Elliptic released a free data feed listing wallet addresses linked to North Korean hackers. This initiative helps the community avoid sanctions and prevent money laundering of the stolen assets.
“Addresses associated with the Bybit exploit were identified and available to screen within just 30 minutes of the announcement, protecting customers without the need for them to conduct repetitive manual checks,” Elliptic stated.
Elliptic’s intelligence API identified 11,084 crypto wallet addresses linked to the Bybit hack. The list is expected to expand as investigations continue.
Zhou expressed gratitude to the Elliptic team for their assistance in providing real-time data on the Bybit hack. On February 25, Bybit hired the Web3 security firm ZeroShadow to investigate the blockchain and trace the stolen funds from the Bybit hack. The firm’s job is to track the funds and prevent further movement, aiming to recover as much as possible.
Despite the breach, Bybit has worked to maintain platform stability, keeping withdrawals open and securing external liquidity through loans. By February 25, the exchange began repaying these loans, starting with a transfer of 40,000 ETH back to Bidget.
