Bybit, one of the world’s leading cryptocurrency exchanges, has launched an aggressive initiative to track and disrupt the illicit activities of the North Korean Lazarus Group.
This move, led by Bybit CEO Ben Zhou, introduces Lazarus Bounty, the industry’s first fully transparent bounty program that rewards crypto users for helping trace and freeze funds linked to the sanctioned hacking group.
Ben stated that with this new platform, users can become bounty hunters by connecting their wallets and submitting information on suspect transactions. When their reports lead to a successful freeze of funds, bounties are paid out instantly.
He added that exchanges, mixers, and others involved in freezing assets will receive 5% of the bounty. A real-time ranking system will also track the responses of industry players to Lazarus-linked transactions, exposing those who facilitate illegal activities.
The recent Bybit hack is one of the largest cryptocurrency thefts in history, with approximately $1.5 billion stolen. The hackers compromised the devices of all multisig signers at Bybit, allowing them to manipulate transactions.
They used malware to alter the transaction details displayed on the signers’ interfaces, making it appear as a legitimate transfer.
The technique allowed them to manipulate the signers into approving a change in the smart contract logic of Bybit’s Ethereum cold wallet, effectively gaining control over it. Once in control, the hackers drained the cold wallet, transferring funds to an undisclosed address.
The hack is attributed to North Korea’s Lazarus Group, known for sophisticated cyberattacks and cryptocurrency laundering. Bybit replenished its reserves using emergency loans and whale deposits, recovering nearly 447,000 ether tokens. However, recovering the stolen assets remains challenging.
In response to this, Bybit released the bounty program to discourage the gross crimes committed in space , especially those driven by the Lazarus Group. Ben Zhou emphasized Bybit’s commitment to maintaining the integrity of the crypto space.
He noted that the company has dedicated a team to updating the bounty platform and aims to expand its reach to assist other victims of Lazarus in the future.
The upcoming Version 2 of the program will introduce new features such as real-time wallet balance tracking, allowing bounty hunters to claim wallets and monitor their movement. Regulator tools will also be added to strengthen oversight and transparency.
The activities of the infamous Lazarus Group have echoed loudly across the crypto market. In late October 2024, cybersecurity firm Kaspersky reported that the Lazarus Group was exploiting a Google Chrome vulnerability by using a fake NFT game to lure victims.
In November of the same year, South Korean police confirmed that the 2019 hack of the Upbit cryptocurrency exchange was orchestrated by the Lazarus Group and another group, Andariel.
