- The FBI confirms North Korea’s Lazarus Group stole $1.5B from Bybit, laundering funds across multiple blockchain networks.
- Bybit’s CEO offers a bounty to track stolen assets as hackers spread funds across thousands of crypto wallets.
- The FBI urges exchanges and DeFi firms to block TraderTraitor-linked addresses and report any suspicious activity.
The U.S. Federal Bureau of Investigation (FBI) has confirmed that North Korea’s Lazarus Group is behind the Bybit hack. The attack, which occurred on February 22, 2025, resulted in the theft of approximately $1.5 billion in digital assets.
Lazarus Group Implicated in Major Cryptocurrency Heist
The FBI’s investigation traced multiple Ethereum addresses linked to Lazarus Group. The agency has classified this cyber activity under the name “TraderTraitor.” It stated that the stolen funds are being laundered rapidly across multiple blockchain networks. The goal is to obscure the origins of the assets.
This confirmed their involvement in the Bybit breach, which resulted in significant financial losses. Private investigator ZackXBT initially pointed to the group, and the FBI later supported these findings. The attackers converted portions of the stolen assets into Bitcoin and other cryptocurrencies. These assets were then distributed across thousands of wallets, making tracking more difficult.
Authorities believe the stolen funds will eventually be converted into fiat currency. Bybit’s CEO, Ben Zhou, acknowledged the security breach and urged the crypto community to assist in tracking the stolen funds. On February 25, he announced a bounty for individuals who could help freeze the assets. Bybit remains committed to eliminating bad actors from the cryptocurrency industry.
FBI Urges Crypto Entities to Block Illicit Transactions
The FBI has called on cryptocurrency exchanges, DeFi firms, and blockchain analytics companies to take action. It urged them to monitor and block suspicious transactions tied to TraderTraitor-linked wallets. The agency has also shared a list of addresses linked to the hack to assist in tracking the stolen funds. This move aims to prevent the attackers from cashing out the stolen assets.
The FBI continues to track North Korea’s cyber activities and warns of ongoing threats to the crypto industry. Authorities encourage individuals and organizations to report any relevant information. Reports can be made to local FBI field offices for further investigation. Additionally, submissions can be filed through the Internet Crime Complaint Center (ic3.gov).
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
