The FBI has confirmed that North Korean-backed hackers, Lazarus Group and TraderTraitor, were responsible for the $1.5 billion theft from Bybit. The attack took place on February 21, 2025, during a routine cold wallet transfer.

FBI
FBI report regarding Korea behind Lazaru | Source : FBI

The stolen funds were rapidly converted into Bitcoin and distributed across numerous blockchain addresses. The FBI has warned crypto firms to block transactions linked to the flagged addresses to prevent further laundering.

So far, $43 million has been recovered, and Bybit is offering $140 million in bounties to track the stolen assets.

You can also read this Bybit Fully Replaces Stolen $ETH After $1.4B Hack

Lazarus Group’s Ongoing Cyber Warfare

The Lazarus Group has been behind several major crypto thefts, and this attack is part of their ongoing efforts to fund North Korea’s state operations.

These cybercriminals have stolen billions of dollars, and the stolen funds are believed to support North Korea’s nuclear weapons program, bypassing international sanctions.

The FBI’s confirmation of Lazarus Group’s involvement highlights the growing use of cyberattacks for state operations. Authorities have issued warnings to crypto firms to block transactions from addresses tied to the hackers.

North Korea’s increasing success in crypto thefts raises concerns about the vulnerability of global exchanges. The growing threat emphasizes the need for enhanced security and collaboration between crypto firms and authorities.

Recovery and Future Implications for Crypto Security

Despite the scale of the theft, recovery efforts are making progress. Bybit has managed to recover $43 million, with blockchain firms playing a key role in tracking the stolen assets. Bybit has also offered rewards for help in retrieving the remaining funds.

The breach underscores weaknesses in crypto security, particularly with cold wallet transfers. As the cryptocurrency market expands, ensuring the safety of digital assets from sophisticated hackers becomes crucial. Bybit’s recovery efforts and the FBI’s involvement highlight the importance of securing the crypto space.

As Lazarus Group continues targeting exchanges, the crypto world must strengthen its cybersecurity measures. Bybit is focusing on enhancing security protocols to protect users and prevent future breaches.

Editor’s Note: This article does not represent financial advice. Please do your own research before investing.