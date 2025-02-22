North Korea’s infamous Lazarus Group is suspected to be the mastermind behind the $1.4 billion Ethereum ETH/USD hack on cryptocurrency exchange Bybit, as per findings from blockchain data platform Arkham Intelligence.

What Happened: According to the report, Lazarus Group, a state-sponsored hacking organization from North Korea, is believed to have pilfered over $1.4 billion worth of Ethereum and related tokens from Bybit last Friday.

This suspicion was drawn from on-chain data analysis that linked the activity to previous attacks associated with the Lazarus Group.

The link was established by an anonymous on-chain investigator known as ZachXBT, who has a history of solving numerous crypto hacks. His report included a detailed analysis of test transactions, connected wallets used before the exploit, and several forensic graphs and timing analyses, reports reports Decrypt.

Arkham Intelligence had previously announced a bounty of nearly $30,000 in ARKM tokens for information leading to the identification of the hackers behind the massive Bybit hack. The hack not only impacted Bybit but also sent shockwaves through the crypto markets.

BREAKING: BYBIT $1 BILLION HACK BOUNTY SOLVED BY ZACHXBT



At 19:09 UTC today, @zachxbt submitted definitive proof that this attack on Bybit was performed by the LAZARUS GROUP.



His submission included a detailed analysis of test transactions and connected wallets used ahead of… https://t.co/O43qD2CM2U pic.twitter.com/jtQPtXl0C5 — Arkham (@arkham) February 21, 2025

The Lazarus Group, a collective of North Korean state-sponsored crypto hackers, is considered one of the most sophisticated on-chain operators globally.

Also Read: Bybit Founder Says $1.4B ETH Hack May Stem From Safe Wallet Compromise

Last year, they reportedly stole over $1.3 billion from various projects, accounting for 61% of all illicitly obtained crypto in 2024, according to Chainalysis.

Currently, the specifics of the recent hack, the largest in crypto history based on asset prices at the time of the incident, remain unclear.

Bybit claimed that the exploit involved a “sophisticated attack” that masked the signing interface of a multi-signature transaction, making a hacker-controlled wallet appear as the intended recipient address.

Why It Matters: The magnitude of this hack underscores the growing threat of state-sponsored cybercrime in the crypto space. The Lazarus Group’s suspected involvement highlights the sophistication and scale of such operations.

This incident serves as a stark reminder of the security vulnerabilities inherent in the crypto market and the need for robust security measures to protect against such sophisticated attacks.

Read Next

Coinbase CEO Brian Armstrong Says SEC Has Agreed To End ‘Bogus' Enforcement Case Without Penalties

Image: Shutterstock