Bybit's $1.4 billion hack traced to Lazarus Group: ZachXBT
- Blockchain investigator ZachXBT traced the attack on Bybit to the North Korean Lazarus Group.
- The hack is allegedly connected to the attack on crypto exchange Phemex in January.
- Bybit CEO Ben Zhou claims the exchange has secured 80% of customers' stolen funds by leveraging bridge loans.
Crypto investigator ZachXBT linked the $1.44 billion hack of crypto exchange Bybit on Friday to the infamous Lazarus Group, which has been allegedly responsible for some of the top attacks on digital asset platforms.
Additionally, Bybit CEO Ben Zhou claimed the exchange had raised nearly 80% of the stolen funds from bridge loans, encouraging users to stay calm.
Lazarus group strikes crypto again, Bybit aims for quick recovery
Crypto investigator ZachXBT claims that the Bybit attack was performed by the North Korean Lazarus Group.
According to a post by Arkham on X, ZachXBT submitted "definitive proof" that linked this recent exploitation to the Lazarus Group.
"His submission included a detailed analysis of test transactions and connected wallets used ahead of the exploit, as well as multiple forensics graphs and timing analysis," Arkham shared in a post on X.
This marks yet another successful attack on top crypto companies by the anonymous group.
ZachXBT also shared in response to Arkham that he connected the attack to that of the Phemex exchange in January, where hackers stole $30 million.
TLDR myself and Josh from CF connected the Bybit hack on-chain to the Phemex hack
— ZachXBT (@zachxbt) February 21, 2025
Arkham offered a bounty of 50,000 ARKM, worth $32,000, to anyone who could identify the perpetrators behind the attack.
This came after Bybit confirmed a major security breach resulting in the loss of $1.44 billion in ETH-related assets, marking one of the largest theft in crypto market history.
In response, co-founder and CEO Ben Zhao assured users that the exchage will honour all withdrawal requests, include those under review.
He claimed the company is leveraging bridge loans from partners to settle the increased withdrawal requests as a repurchase of the stolen tokens from the open market is unlikely.
Bybit also released a statement to users on X, claiming that it has reported the incident to the proper authorities.
They also claim to have reached out to on-chain providers to track the activities of wallets involved in the heist to prevent the hackers from spending the tokens.
We have reported the case to the appropriate authorities and we will send an update as soon as we have any further information. We have fortunately worked quickly and extensively with on-chain analytics providers to identify and demix the implicated addresses. These actions will…
— Bybit (@Bybit_Official) February 21, 2025
The latest hack adds to a growing list of cyberattacks attributed to the Lazarus Group, which has orchestrated some of the most largest cryptocurrency thefts in history.
Other major incidents from the group include the $625 million Ronin Network (Axie Infinity) heist, the Atomic Wallet breach with a $100 million exodus, the $54 million CoinEx hack and the Alphapo exploit of $60 million.
Author
Michael Ebiekutan
FXStreet
With a deep passion for web3 technology, he's collaborated with industry-leading brands like Mara, ITAK, and FXStreet in delivering groundbreaking reports on web3's transformative potential across diverse sectors. In addition to
