Less than a week after hackers stole over $1.4 billion from Bybit, CEO Ben Zhou has launched a counteroffensive against the North Korea-affiliated Lazarus Group.
Bybit's Counteroffensive Against Lazarus
In a post on X, Zhou called on crypto users and firms to join in tracking and recovering the stolen assets. He also unveiled a bounty website, offering up to 10% rewards—potentially $140 million—to those who help intercept the funds. "We have assigned a team to keep this updated. We will not stop until Lazarus or bad actors in the industry are eliminated," Zhou said.
Postscript and Blockchain Investigations
Bybit announced that it fully replaced the lost assets, restoring its 1:1 backing of client funds. The exchange kept operations running and allowed customer withdrawals without major delays. Blockchain sleuth ZachXBT identified Lazarus Group as the culprit behind the attack, which drained staked Ethereum (stETH), Mantle Staked ETH (mETH), and other ERC-20 tokens. His findings also suggested connections between Bybit’s attack and previous hacks on BingX and Phemex.
Cyberattack Echoes: Consequences and Security Measures
Security experts believe the stolen funds are being funneled through crypto mixers, a common laundering tactic used by Lazarus to obscure transaction trails. Security firm PeckShield says that while crypto-related hacks and scams dropped in late 2024, the Bybit breach raises fresh concerns over exchange vulnerabilities. Earlier today, Bybit fully repaid the 40,000 Ether ($104 million) loan it borrowed from Bitget to cover withdrawals, a loan issued interest-free and without collateral as support from Bitget.
The cyberattack on Bybit underscores the growing security threats in the crypto industry, necessitating enhanced cooperation and measures to protect assets and prevent such incidents from recurring.
