Bybit CEO declares ‘war against Lazarus’ after $1.4B hack

A Bybit program showed users could receive a 10% bounty for tracing funds associated with a Feb. 21 hack, potentially netting them up to $140 million.
Turner Wright
Posted by Turner Wright February 25, 2025 2 Mins Read
A Bybit program showed users could receive a 10% bounty for tracing funds associated with a Feb. 21 hack, potentially netting them up to $140 million.

Fewer than seven days after hackers removed more than $1.4 billion in assets from Bybit, the cryptocurrency exchange’s co-founder and CEO has vowed to take action against those responsible. 

In a Feb. 25 X post, Bybit CEO Ben Zhou called on users to support a “war against Lazarus,” referring to the North Korea-affiliated group that stole funds from the exchange on Feb. 21. The CEO announced a bounty website in which those who froze illegally moved funds could receive 5% of any crypto as a result of their efforts. However, the site said, “Successful interceptions will be rewarded with a 10% bounty” — potentially up to $140 million.

“We have assigned a team to dedicate to maintain and update this website, we will not stop until Lazarus or bad actors in the industry is eliminated,” said Zhou. “In the future we will open it up to other victims of Lazarus as well.”

Hackers, North Korea, Crimes, Bybit

Bybit CEO’s statement after a Feb. 21 hack. Source: Ben Zhou

Security sleuth ZachXBT identified Lazarus behind the Feb. 21 hack that resulted in the removal of more than $1.4 billion in liquid-staked Ether (STETH), Mantle Staked ETH (mETH) and other ERC-20 tokens. Bybit reported on Feb. 23 that the exchange had replaced the stolen crypto, claiming Bybit was “back to 100% 1:1 on client assets.”

Related: Adam Back slams ‘EVM mis-design’ as root cause of Bybit hack

Firms will sometimes offer hackers a bounty to return stolen funds and avoid potential legal issues. Zhou’s call to “eliminate” Lazarus’ efforts, however, could make the exchange a target for future attacks.

The number of hacks has been decreasing since 2022

Hackers tied to North Korea were reportedly responsible for stealing more than $3 billion worth of crypto from exchanges between 2017 and 2023. The Bybit hack, however, would represent the most expensive exploit in the crypto industry’s history, far exceeding the roughly $600 million removed in a 2022 hack of Ronin Bridge.

Blockchain security firm PeckShield reported in January that hackers and scammers stole more than $3 billion through crypto-related activities in 2024, with phishing attempts the “most costly.” However, the company’s data suggested the total number of hacks and scams had been decreasing since 2022 and tapered off at the end of 2024.

Magazine: Meet the hackers who can help get your crypto life savings back

Tags: