Bybit Puts $140M Bounty on Hackers —Declares War on Notorious Lazarus Group

Bybit, one of the world’s leading cryptocurrency exchanges, has launched an aggressive campaign to recover stolen funds, offering a staggering $140 million bounty to track down hackers linked to the infamous Lazarus Group.

The crypto exchange suffered a devastating attack, resulting in the loss of approximately $1.4 billion—one of the largest crypto heists to date. The breach was reportedly traced back to malicious code embedded within the infrastructure of SafeWallet, a third-party crypto wallet platform.

According to a forensic investigation by cybersecurity firms Sygnia Labs and Verichains, the hackers manipulated JavaScript code to exploit vulnerabilities in Ethereum Multisig Cold Wallet security measures. The attack was believed to be orchestrated by North Korea-backed Lazarus Group, a notorious cybercrime organization known for large-scale cryptocurrency thefts.

To expedite fund recovery, Bybit CEO Ben Zhou announced a $140 million reward for individuals or entities that successfully trace and freeze stolen assets. The bounty is structured as follows:

• 5% of the recovered funds will be awarded to those who identify and track down the stolen crypto.
• Another 5% will go to those who help freeze and reclaim the assets.

Zhou also unveiled a new bounty platform aimed at enhancing transparency in crypto-related investigations. He vowed that Bybit would not stop until Lazarus Group and other cybercriminals are eliminated from the industry.

The Lazarus Group is a North Korean-backed hacking syndicate specializing in cyber espionage and cryptocurrency thefts. Reports indicate they were responsible for stealing $650 million in crypto in 2024 alone.

Governments from the U.S., Japan, and South Korea have accused North Korea of using these stolen funds to finance its weapons programs. Additionally, intelligence agencies warn that North Korean IT workers have infiltrated global blockchain companies, posing as legitimate developers to carry out cyberattacks.

Despite the breach, Bybit has successfully recovered a significant portion of its losses through strategic loans, institutional deposits, and Ethereum purchases.

• Bybit received 157,660 ETH ($437.8 million) from undisclosed sources.
• Crypto whales and institutions provided $127 million in emergency loans.
• Leading exchanges like MEXC and Bitget contributed substantial ETH deposits.

The incident has sparked renewed concerns over the security of centralized exchanges and the increasing threat posed by state-sponsored cybercriminals.

Bybit’s aggressive stance against cybercriminals could set a precedent in the crypto industry. However, it also raises critical questions about the effectiveness of cybersecurity measures within major exchanges. As the battle against Lazarus Group continues, the industry must prioritize enhanced security frameworks to prevent future breaches.