In February, the crypto world was shocked by a breach at ByBit that resulted in the theft of over $1.4 billion in digital assets, an attack linked to North Korea's Lazarus Group.
How It Happened
Initial investigations revealed that the breach targeted ByBit's cold wallets. Attackers exploited a compromised Safe{Wallet} developer environment, stealthily siphoning hundreds of thousands of ETH.
According to ByBit CEO Ben Zhou, the attackers managed to steal around 500,000 ETH valued at approximately $1.4 billion at the time of the incident. Of that amount, 432,000 ETH was rapidly converted into 10,003 BTC using cross-chain platforms like THORChain. This quick conversion helped obscure fund movements, though not entirely.
The Trail They Left Behind
Despite the attackers' efforts to cover their tracks using advanced laundering methods, Zhou stated that 68.6% of the stolen funds remain traceable. However, 27.6% has gone dark, and only 3.8% of the assets have been successfully frozen.
The stolen crypto was laundered through a multi-layered approach:
* Initially routed through the privacy-focused Wasabi Mixer.
* Further dispersed via services like CryptoMixer, Tornado Cash, and Railgun.
* Leveraged cross-chain and swap protocols, including eXch, Stargate, SunSwap, Lombard, and LI.FI.
* Eventually ended up in P2P and OTC platforms, significantly complicating the trail.
In total, over 35,000 wallets were used to scatter the stolen assets. As of Zhou's latest update, only about $17 million in ETH remains on the mainnet, spread across 12,490 wallets.
The Lazarus Bounty Program
In a bid to recover stolen assets and hold the perpetrators accountable, ByBit launched the Lazarus Bounty Program shortly after the breach. The initiative offers a 10% reward — up to $140 million — for credible information that can lead to asset recovery or arrests.
To date:
* 5,443 bounty reports have been submitted.
* Only 70 were considered credible.
* 12 reports resulted in bounty payouts totaling $2.3 million.
One major breakthrough came from Mantle, a project that successfully helped freeze $42 million worth of stolen funds.
Zhou emphasized, "We need more bounty hunters that can decode mixers," calling on the global crypto community for justice.
More than two months after this record-breaking crypto hack, ByBit remains committed to its recovery efforts. This incident highlights the vulnerabilities that pervade even the most established platforms in the Web3 space and underscores the necessity for robust security measures and global cooperation against crypto crime.