Bybit has introduced a new initiative to combat illicit cryptocurrency laundering linked to North Korea’s notorious Lazarus Group.
Announced by Bybit CEO Ben Zhou, the program aims to enhance security measures and aid in the recovery of stolen digital assets, following one of the largest crypto hacks in history.
Bybit’s New Approach to Tracking Stolen Crypto
To incentivize the retrieval of stolen assets, Bybit has pledged a bounty equaling 10% of any successfully recovered funds, potentially amounting to as much as $140 million.
This bounty will be split, with 5% allocated to those who manage to freeze illicit funds and another 5% to contributors assisting in tracing unauthorized transactions.
The move follows a major breach on February 21, when Bybit, a Dubai-based exchange, suffered an Ethereum exploit suspected to have been carried out by Lazarus Group.
The hack resulted in an estimated $1.4 billion loss, making it a landmark case in cryptocurrency security concerns.
The Mechanics of Lazarus Group’s Crypto Laundering
Blockchain investigator ZachXBT was among the first to attribute the attack to Lazarus Group, a conclusion later verified by crypto intelligence firm Arkham Intelligence.
ZachXBT also connected the group to a similar breach in January, where Singapore-based exchange Phemex lost more than $69 million.
Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the intial theft address for both incidents.
Overlap address:
0x33d057af74779925c4b2e720a820387cb89f8f65Bybit hack txns on Feb 22, 2025:… pic.twitter.com/dh2oHUBCvW
— ZachXBT (@zachxbt) February 22, 2025
Reports from blockchain analytics firm Elliptic highlight the intricate laundering methods used by Lazarus.
Their operation typically follows a two-phase process to disguise the origins of stolen assets.
Initially, stolen cryptocurrencies are swapped for native blockchain tokens, such as Ether, to bypass freezing measures from issuers.
Subsequently, these funds are distributed across numerous wallets in a practice known as “layering,” complicating efforts to trace and retrieve stolen funds.
Within two hours of the Bybit hack, the group had moved assets across 50 different wallets, each containing about 10,000 ETH.
A Legacy of Cybercrime
Lazarus Group has long been associated with high-profile cybercrimes, with strong ties to North Korea’s state-sponsored hacking operations.
The group first gained global notoriety in 2009 and became infamous in 2016 after orchestrating an $81 million theft from Bangladesh Bank.
A year later, it was linked to the devastating WannaCry ransomware attack, which affected over 300,000 computers in 150 countries.
Now, with its continued targeting of the cryptocurrency sector, Lazarus Group remains one of the most formidable cybercriminal organizations worldwide.
Have you read it yet? SEC drops OpenSea investigation
Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.
